summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2019-03-20 12:03:51 +0100
committerGiuseppe Scrivano <gscrivan@redhat.com>2019-03-21 20:14:41 +0100
commitbf10fac19371f295dab3038b5042483f595c68f3 (patch)
tree61829578885fb9659e1cd8ba4af8b7d6387fc806
parente31a3d3841bf8cf07886b831640fcb66d4440215 (diff)
downloadpodman-bf10fac19371f295dab3038b5042483f595c68f3.tar.gz
podman-bf10fac19371f295dab3038b5042483f595c68f3.tar.bz2
podman-bf10fac19371f295dab3038b5042483f595c68f3.zip
volume: create new volumes with right ownership
when we create a new volume we must be sure it is owned by root in the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rw-r--r--libpod/runtime_ctr.go5
1 files changed, 4 insertions, 1 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 3b74a65dd..f23dc86dd 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -186,8 +186,11 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
return nil, errors.Wrapf(err, "error creating named volume %q", vol.Source)
}
ctr.config.Spec.Mounts[i].Source = newVol.MountPoint()
+ if err := os.Chown(ctr.config.Spec.Mounts[i].Source, ctr.RootUID(), ctr.RootGID()); err != nil {
+ return nil, errors.Wrapf(err, "cannot chown %q to %d:%d", ctr.config.Spec.Mounts[i].Source, ctr.RootUID(), ctr.RootGID())
+ }
if err := ctr.copyWithTarFromImage(ctr.config.Spec.Mounts[i].Destination, ctr.config.Spec.Mounts[i].Source); err != nil && !os.IsNotExist(err) {
- return nil, errors.Wrapf(err, "Failed to copy content into new volume mount %q", vol.Source)
+ return nil, errors.Wrapf(err, "failed to copy content into new volume mount %q", vol.Source)
}
continue
}