Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Panic just after Session was successfully started #75

Open
Kinjalrk2k opened this issue Jun 27, 2023 · 1 comment
Open

Panic just after Session was successfully started #75

Kinjalrk2k opened this issue Jun 27, 2023 · 1 comment

Comments

@Kinjalrk2k
Copy link

The Problem

I'm trying to use session-manager-plugin to log into my ECS Fargate containers and I face the following issue:

Starting session with SessionId: ecs-execute-command-*****************
root@ip-***-***-***-***:/src# panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x18 pc=0x102584cec]

goroutine 1 [running]:
github.com/aws/session-manager-plugin/src/sessionmanagerplugin/session.glob..func2(0x140001a0340, {0x102980dd0, 0x140001d6760})
	/Users/kinjal/go/pkg/mod/github.com/aws/session-manager-plugin@v0.0.0-20230315220744-7b544e9f381d/src/sessionmanagerplugin/session/session.go:98 +0x5c
github.com/aws/session-manager-plugin/src/sessionmanagerplugin/session.(*Session).Execute(0x140001a0340, {0x102980dd0, 0x140001d6760})
	/Users/kinjal/go/pkg/mod/github.com/aws/session-manager-plugin@v0.0.0-20230315220744-7b544e9f381d/src/sessionmanagerplugin/session/session.go:233 +0x21c
github.com/wingsure-inc/sshing/sshing.EcsExec()
	/Users/kinjal/Desktop/DRIVE/WORK/sshing/sshing/aws.go:179 +0xa40
main.main()
	/Users/kinjal/Desktop/DRIVE/WORK/sshing/main.go:9 +0x1c
exit status 2

Sensitive information have been masked with ***

From the log line above, I can see that the session was successfully started. The line root@ip-***-***-***-***:/src# clearly depicts the same. I also confirmed through the Session Manager in AWS Console (https://ap-south-1.console.aws.amazon.com/systems-manager/session-manager/sessions?region=ap-south-1) that the sessions were started successfully. However as soon as the session is created, it panics somehow!

More information

I've setup the session in the following fashion:

var ssmSession session.Session
ssmSession.SessionId = *output.Session.SessionId
ssmSession.StreamUrl = *output.Session.StreamUrl
ssmSession.TokenValue = *output.Session.TokenValue
ssmSession.Endpoint = endpoint.URL
ssmSession.TargetId = fmt.Sprintf("ecs:%v_%v_%v", clusterName, taskId, containerRuntimeId)
ssmSession.ClientId = uuid.NewV4().String()
ssmSession.DataChannel = &datachannel.DataChannel{}
// ssmSession.SessionType = "NonInteractiveCommands"

log := log.Logger(true, ssmSession.ClientId)
err = ssmSession.Execute(log)
HandleErr(err)

The above code is inspired by this:

clientId := uuid.NewV4().String()
switch operationName {
case StartSessionOperation:
if err = json.Unmarshal(response, &startSessionOutput); err != nil {
log.Errorf("Cannot perform start session: %v", err)
fmt.Fprintf(out, "Cannot perform start session: %v\n", err)
return
}
session.SessionId = *startSessionOutput.SessionId
session.StreamUrl = *startSessionOutput.StreamUrl
session.TokenValue = *startSessionOutput.TokenValue
session.Endpoint = ssmEndpoint
session.ClientId = clientId
session.TargetId = target
session.DataChannel = &datachannel.DataChannel{}
default:
fmt.Fprint(out, "Invalid Operation")
return
}
if err = startSession(&session, log); err != nil {
log.Errorf("Cannot perform start session: %v", err)
fmt.Fprintf(out, "Cannot perform start session: %v\n", err)
return
}

AWS CLI

However, when I try to log into the container through aws-cli using this command, it works:

aws ecs execute-command --region <region> --cluster <cluster-name> --task <task-id> --container <container-name> --command "/bin/bash" --interactive

Digging into the aws-cli code, I find that it invokes session-manager-plugin as a subprocess rather than implementing it programmatically:
https://github.com/aws/aws-cli/blob/5218ac17b8141e1a15afed9e644904a6a1081b7d/awscli/customizations/ecs/executecommand.py#L103-L111

My Goal

I wish to log into my ECS Fargate containers programmatically! My goal is to reverse-engineer aws-cli and session-manager-plugin so that they work together

Any help would be appreciated. Thanks in advanced!

@mtolhurst
Copy link

I just ran into this same issue.

To solve it, add an import in on the session types that you require, similar to

_ "github.com/aws/session-manager-plugin/src/sessionmanagerplugin/session/portsession"
_ "github.com/aws/session-manager-plugin/src/sessionmanagerplugin/session/shellsession"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants