diff options
author | Matthew Heon <matthew.heon@pm.me> | 2019-02-21 09:42:22 -0500 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2019-02-26 09:37:00 -0500 |
commit | d41d8d090e330fe2f0a3c75d24c409d9c345f841 (patch) | |
tree | af3c98f4ff6b6874202990e13131a4dbc9566950 /libpod | |
parent | da70c9db6fb92c69d722d51873840c4e54dbe86d (diff) | |
download | podman-d41d8d090e330fe2f0a3c75d24c409d9c345f841.tar.gz podman-d41d8d090e330fe2f0a3c75d24c409d9c345f841.tar.bz2 podman-d41d8d090e330fe2f0a3c75d24c409d9c345f841.zip |
Validate VolumePath against DB configuration
If this doesn't match, we end up not being able to access named
volumes mounted into containers, which is bad. Use the same
validation that we use for other critical paths to ensure this
one also matches.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/boltdb_state.go | 2 | ||||
-rw-r--r-- | libpod/boltdb_state_internal.go | 11 | ||||
-rw-r--r-- | libpod/options.go | 2 | ||||
-rw-r--r-- | libpod/runtime.go | 5 | ||||
-rw-r--r-- | libpod/state.go | 1 |
5 files changed, 19 insertions, 2 deletions
diff --git a/libpod/boltdb_state.go b/libpod/boltdb_state.go index 25ef5cd0e..c226a0617 100644 --- a/libpod/boltdb_state.go +++ b/libpod/boltdb_state.go @@ -261,12 +261,14 @@ func (s *BoltState) GetDBConfig() (*DBConfig, error) { storageRoot := configBucket.Get(graphRootKey) storageTmp := configBucket.Get(runRootKey) graphDriver := configBucket.Get(graphDriverKey) + volumePath := configBucket.Get(volPathKey) cfg.LibpodRoot = string(libpodRoot) cfg.LibpodTmp = string(libpodTmp) cfg.StorageRoot = string(storageRoot) cfg.StorageTmp = string(storageTmp) cfg.GraphDriver = string(graphDriver) + cfg.VolumePath = string(volumePath) return nil }) diff --git a/libpod/boltdb_state_internal.go b/libpod/boltdb_state_internal.go index 3d749849d..936ccbf4c 100644 --- a/libpod/boltdb_state_internal.go +++ b/libpod/boltdb_state_internal.go @@ -38,6 +38,7 @@ const ( graphRootName = "graph-root" graphDriverName = "graph-driver-name" osName = "os" + volPathName = "volume-path" ) var ( @@ -67,6 +68,7 @@ var ( graphRootKey = []byte(graphRootName) graphDriverKey = []byte(graphDriverName) osKey = []byte(osName) + volPathKey = []byte(volPathName) ) // Check if the configuration of the database is compatible with the @@ -105,10 +107,15 @@ func checkRuntimeConfig(db *bolt.DB, rt *Runtime) error { return err } - return validateDBAgainstConfig(configBkt, "storage graph driver", + if err := validateDBAgainstConfig(configBkt, "storage graph driver", rt.config.StorageConfig.GraphDriverName, graphDriverKey, - storage.DefaultStoreOptions.GraphDriverName) + storage.DefaultStoreOptions.GraphDriverName); err != nil { + return err + } + + return validateDBAgainstConfig(configBkt, "volume path", + rt.config.VolumePath, volPathKey, "") }) return err diff --git a/libpod/options.go b/libpod/options.go index 675ebffda..184d5d59f 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -50,6 +50,7 @@ func WithStorageConfig(config storage.StoreOptions) RuntimeOption { // Also set libpod volume path, so we are a subdirectory // of the c/storage store by default rt.config.VolumePath = filepath.Join(config.GraphRoot, "volumes") + rt.configuredFrom.volPathSet = true setField = true } @@ -363,6 +364,7 @@ func WithVolumePath(volPath string) RuntimeOption { } rt.config.VolumePath = volPath + rt.configuredFrom.volPathSet = true return nil } diff --git a/libpod/runtime.go b/libpod/runtime.go index 762cea32f..6e250b7a0 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -235,6 +235,7 @@ type runtimeConfiguredFrom struct { storageRunRootSet bool libpodStaticDirSet bool libpodTmpDirSet bool + volPathSet bool } var ( @@ -645,12 +646,16 @@ func makeRuntime(runtime *Runtime) (err error) { if !runtime.configuredFrom.libpodTmpDirSet && dbConfig.LibpodTmp != "" { runtime.config.TmpDir = dbConfig.LibpodTmp } + if !runtime.configuredFrom.volPathSet && dbConfig.VolumePath != "" { + runtime.config.VolumePath = dbConfig.VolumePath + } logrus.Debugf("Using graph driver %s", runtime.config.StorageConfig.GraphDriverName) logrus.Debugf("Using graph root %s", runtime.config.StorageConfig.GraphRoot) logrus.Debugf("Using run root %s", runtime.config.StorageConfig.RunRoot) logrus.Debugf("Using static dir %s", runtime.config.StaticDir) logrus.Debugf("Using tmp dir %s", runtime.config.TmpDir) + logrus.Debugf("Using volume path %s", runtime.config.VolumePath) // Validate our config against the database, now that we've set our // final storage configuration diff --git a/libpod/state.go b/libpod/state.go index 98282fc83..4296fc3cd 100644 --- a/libpod/state.go +++ b/libpod/state.go @@ -8,6 +8,7 @@ type DBConfig struct { StorageRoot string StorageTmp string GraphDriver string + VolumePath string } // State is a storage backend for libpod's current state. |