aboutsummaryrefslogtreecommitdiff
path: root/libpod/volume.go
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2020-06-24 14:44:28 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2020-06-29 17:58:50 +0200
commitb32172e20bbb701e924684ee7ef443748a4f112b (patch)
tree01a05f446b5bde43bd174591e909d136576bed50 /libpod/volume.go
parent688cc0aee3f031661b930811b2d95df1d6c601ac (diff)
downloadpodman-b32172e20bbb701e924684ee7ef443748a4f112b.tar.gz
podman-b32172e20bbb701e924684ee7ef443748a4f112b.tar.bz2
podman-b32172e20bbb701e924684ee7ef443748a4f112b.zip
container: move volume chown after spec generation
move the chown for newly created volumes after the spec generation so the correct UID/GID are known. Closes: https://github.com/containers/libpod/issues/5698 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'libpod/volume.go')
-rw-r--r--libpod/volume.go36
1 files changed, 32 insertions, 4 deletions
diff --git a/libpod/volume.go b/libpod/volume.go
index 82f389833..ac5f61255 100644
--- a/libpod/volume.go
+++ b/libpod/volume.go
@@ -64,6 +64,14 @@ type VolumeState struct {
// create time, then cleared after the copy up is done and never set
// again.
NeedsCopyUp bool `json:"notYetMounted,omitempty"`
+ // NeedsChown indicates that the next time the volume is mounted into
+ // a container, the container will chown the volume to the container process
+ // UID/GID.
+ NeedsChown bool `json:"notYetChowned,omitempty"`
+ // UIDChowned is the UID the volume was chowned to.
+ UIDChowned int `json:"uidChowned,omitempty"`
+ // GIDChowned is the GID the volume was chowned to.
+ GIDChowned int `json:"gidChowned,omitempty"`
}
// Name retrieves the volume's name
@@ -113,13 +121,33 @@ func (v *Volume) Anonymous() bool {
}
// UID returns the UID the volume will be created as.
-func (v *Volume) UID() int {
- return v.config.UID
+func (v *Volume) UID() (int, error) {
+ v.lock.Lock()
+ defer v.lock.Unlock()
+
+ if !v.valid {
+ return -1, define.ErrVolumeRemoved
+ }
+
+ if v.state.UIDChowned > 0 {
+ return v.state.UIDChowned, nil
+ }
+ return v.config.UID, nil
}
// GID returns the GID the volume will be created as.
-func (v *Volume) GID() int {
- return v.config.GID
+func (v *Volume) GID() (int, error) {
+ v.lock.Lock()
+ defer v.lock.Unlock()
+
+ if !v.valid {
+ return -1, define.ErrVolumeRemoved
+ }
+
+ if v.state.GIDChowned > 0 {
+ return v.state.GIDChowned, nil
+ }
+ return v.config.GID, nil
}
// CreatedTime returns the time the volume was created at. It was not tracked