azure: log a warning on network failure if non-root

This logs a warning about possible Azure-specific local firewalling if unable to reach Azure endpoints and running as non-root. Closes: coreos#95
bh7cw · Jul 29, 2020 · 2a3a29b · 2a3a29b
1 parent 34aed1f
commit 2a3a29b
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/src/providers/azure/mod.rs b/src/providers/azure/mod.rs
@@ -30,6 +30,7 @@ use crate::errors::*;
 use crate::network;
 use crate::providers::MetadataProvider;
 use crate::retry;
+use nix::unistd::Uid;
 
 #[cfg(test)]
 mod mock_tests;
@@ -216,7 +217,15 @@ impl Azure {
         // make sure the metadata service is compatible with our version
         azure
             .is_fabric_compatible(MS_VERSION)
-            .chain_err(|| "failed version compatibility check")?;
+            .map_err(|_| {
+                let user = Uid::current();
+                let root_or_not = Uid::is_root(user);
+                if !root_or_not {
+                    warn!("unable to reach Azure endpoints, please check whether firewall rules are blocking access to them");
+                }
+
+                "failed to get shared configuration: not found"
+            })?;
 
         // populate goalstate
         azure.goal_state = azure.get_goal_state()?;