Skip to content

runtime/v2: avoid symlink for bundle work dir on Windows#12949

Draft
chelnak wants to merge 1 commit intocontainerd:mainfrom
chelnak:windows_junctions
Draft

runtime/v2: avoid symlink for bundle work dir on Windows#12949
chelnak wants to merge 1 commit intocontainerd:mainfrom
chelnak:windows_junctions

Conversation

@chelnak
Copy link

@chelnak chelnak commented Feb 27, 2026

Creating symlinks on Windows requires higher privileges or Developer Mode.

This change replaces the direct os.Symlink/os.Readlink calls with platform-specific helpers:

  • Unix keeps the existing symlink behavior
  • Windows uses a junction which does not require extra privileges

@github-project-automation github-project-automation bot moved this to Needs Triage in Pull Request Review Feb 27, 2026
@chelnak chelnak mentioned this pull request Feb 27, 2026
Open
@chelnak
runtime/v2: avoid symlink for bundle work dir on Windows
9ce016c 
Creating symlinks on Windows requires administrator privileges or
Developer Mode. Replace the direct os.Symlink/os.Readlink calls with
platform-specific helpers: unix keeps the existing symlink behavior,
while Windows creates a directory junction using go-winio, which does
not require elevated privileges.

os.Readlink works for both symlinks and junctions, so resolveWorkLink
uses it on both platforms.

Fixes "A required privilege is not held by the client" error when
creating containerd tasks on Windows without elevated privileges.

Signed-off-by: Craig Gumbley <craiggumbley@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

do-not-merge/work-in-progress size/L

Projects

Pull Request Review
Status: Needs Triage

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chelnak @k8s-ci-robot