From 413a52605df9d06dc4d6f375164f80eb2a6649bd Mon Sep 17 00:00:00 2001
From: Earl Warren <contact@earl-warren.org>
Date: Fri, 3 Oct 2025 16:14:08 +0000
Subject: [PATCH] fix: remove LXC backend leftovers when the job completes
 (#1054)

- remove the root of the LXC container after destroying it, with sudo as it may contain files owned by root while the runner id is not root
- os.RemoveAll only for native host runs, it is no longer needed for the LXC backend
- remove the CleanUp function that is an indirection with no use

Resolves forgejo/runner#442

When running the test from a non-root user and without this fix, it fails as follow:

```
go test -v -count=1 -run='TestRunnerLXC' ./internal/app/run
=== RUN   TestRunnerLXC
...
time="2025-10-03T15:05:12+02:00" level=debug msg=stopHostEnvironment
time="2025-10-03T15:05:13+02:00" level=debug msg="HostEnvironment.Remove /tmp/TestRunnerLXC1841090130/001/d29c1256e2912892/hostexecutor"
time="2025-10-03T15:05:13+02:00" level=error msg="Error while stop job container FORGEJO-ACTIONS-TASK-0_WORKFLOW-3ede81fbc69d42e6db70bef5820490fc3e7dc4d9dcbfb64981f2d00f08a30d6e_JOB-job: unlinkat /tmp/TestRunnerLXC1841090130/001/d29c1256e2912892/hostexecutor/some/directory/owned/by/root: permission denied"
=== NAME  TestRunnerLXC
    runner_test.go:469:
        	Error Trace:	/home/earl-warren/software/runner/internal/app/run/runner_test.go:469
        	            				/home/earl-warren/software/runner/internal/app/run/runner_test.go:496
        	Error:      	Received unexpected error:
        	            	Error occurred running finally: unlinkat /tmp/TestRunnerLXC1841090130/001/d29c1256e2912892/hostexecutor/some/directory/owned/by/root: permission denied (original error: <nil>)
        	Test:       	TestRunnerLXC
        	Messages:   	OK
=== NAME  TestRunnerLXC/OK
    testing.go:1679: test executed panic(nil) or runtime.Goexit: subtest may have called FailNow on a parent test
=== NAME  TestRunnerLXC
    testing.go:1267: TempDir RemoveAll cleanup: unlinkat /tmp/TestRunnerLXC1841090130/001/d29c1256e2912892/hostexecutor/some/directory/owned/by/root: permission denied
--- FAIL: TestRunnerLXC (6.84s)
    --- FAIL: TestRunnerLXC/OK (6.84s)
FAIL
FAIL	code.forgejo.org/forgejo/runner/v11/internal/app/run	6.847s
FAIL
```

<!--start release-notes-assistant-->
<!--URL:https://code.forgejo.org/forgejo/runner-->
- bug fixes
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/1054): <!--number 1054 --><!--line 0 --><!--description Zml4OiByZW1vdmUgTFhDIGJhY2tlbmQgbGVmdG92ZXJzIHdoZW4gdGhlIGpvYiBjb21wbGV0ZXM=-->fix: remove LXC backend leftovers when the job completes<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/1054
Reviewed-by: Mathieu Fenniak <mfenniak@noreply.code.forgejo.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
---
 act/container/host_environment.go | 10 +++++-----
 act/runner/run_context.go         |  9 ++++-----
 internal/app/run/runner_test.go   |  2 +-
 3 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/act/container/host_environment.go b/act/container/host_environment.go
index c8742008..34d24b9b 100644
--- a/act/container/host_environment.go
+++ b/act/container/host_environment.go
@@ -34,7 +34,6 @@ type HostEnvironment struct {
 	Workdir   string
 	ActPath   string
 	Root      string
-	CleanUp   func()
 	StdOut    io.Writer
 	LXC       bool
 }
@@ -404,11 +403,12 @@ func (e *HostEnvironment) UpdateFromEnv(srcPath string, env *map[string]string)
 
 func (e *HostEnvironment) Remove() common.Executor {
 	return func(ctx context.Context) error {
-		if e.CleanUp != nil {
-			e.CleanUp()
+		if e.GetLXC() {
+			// there may be files owned by root: removal
+			// is the responsibility of the LXC backend
+			return nil
 		}
-		common.Logger(ctx).Debugf("HostEnvironment.Remove %s", e.Path)
-		return os.RemoveAll(e.Path)
+		return os.RemoveAll(e.Root)
 	}
 }
 
diff --git a/act/runner/run_context.go b/act/runner/run_context.go
index bb79ad3a..59fcf6f8 100644
--- a/act/runner/run_context.go
+++ b/act/runner/run_context.go
@@ -248,6 +248,8 @@ var stopTemplate = template.Must(template.New("stop").Parse(`#!/bin/bash
 source $(dirname $0)/lxc-helpers-lib.sh
 
 lxc_container_destroy "{{.Name}}"
+lxc_maybe_sudo
+$LXC_SUDO rm -fr "{{ .Root }}"
 `))
 
 func (rc *RunContext) stopHostEnvironment(ctx context.Context) error {
@@ -314,11 +316,8 @@ func (rc *RunContext) startHostEnvironment() common.Executor {
 			ToolCache: rc.getToolCache(ctx),
 			Workdir:   rc.Config.Workdir,
 			ActPath:   actPath,
-			CleanUp: func() {
-				os.RemoveAll(miscpath)
-			},
-			StdOut: logWriter,
-			LXC:    rc.IsLXCHostEnv(ctx),
+			StdOut:    logWriter,
+			LXC:       rc.IsLXCHostEnv(ctx),
 		}
 		rc.cleanUpJobContainer = func(ctx context.Context) error {
 			if err := rc.stopHostEnvironment(ctx); err != nil {
diff --git a/internal/app/run/runner_test.go b/internal/app/run/runner_test.go
index eda5de9e..bbd6c235 100644
--- a/internal/app/run/runner_test.go
+++ b/internal/app/run/runner_test.go
@@ -491,7 +491,7 @@ jobs:
   job:
     runs-on: lxc
     steps:
-      - run: echo OK
+      - run: mkdir -p some/directory/owned/by/root
 `
 		runWorkflow(ctx, cancel, workflow, "push", "refs/heads/main", "OK")
 	})