summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@pm.me>2019-09-19 11:09:59 -0400
committerMatthew Heon <matthew.heon@pm.me>2019-09-19 11:09:59 -0400
commit720d8c9e3f22dbc9acac814625de31df9196cb46 (patch)
tree74d6a82dcf1111bc3dcc8e92fe7c932632d06b27 /pkg
parent408f2780a1dd94f99fe36be4573a9887e6c74cf7 (diff)
downloadpodman-720d8c9e3f22dbc9acac814625de31df9196cb46.tar.gz
podman-720d8c9e3f22dbc9acac814625de31df9196cb46.tar.bz2
podman-720d8c9e3f22dbc9acac814625de31df9196cb46.zip
Clean destination paths during mount generation
We identify and resolve conflicts in paths using destination path matches. We require exact matches, largely for performance reasons (we use maps to efficiently access, keyed by destination). This usually works fine, until you get mounts that are targetted at /output and /output/ - the same path, but not the same string. Use filepath.Clean() aggressively to try and solve this. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'pkg')
-rw-r--r--pkg/spec/storage.go20
1 files changed, 12 insertions, 8 deletions
diff --git a/pkg/spec/storage.go b/pkg/spec/storage.go
index cc091dcee..3d59d70d8 100644
--- a/pkg/spec/storage.go
+++ b/pkg/spec/storage.go
@@ -220,6 +220,7 @@ func (config *CreateConfig) parseVolumes(runtime *libpod.Runtime) ([]spec.Mount,
// volumes, and return a list of them.
// Conflicts are resolved simply - the last container specified wins.
// Container names may be suffixed by mount options after a colon.
+// TODO: We should clean these paths if possible
func (config *CreateConfig) getVolumesFrom(runtime *libpod.Runtime) (map[string]spec.Mount, map[string]*libpod.ContainerNamedVolume, error) {
// Both of these are maps of mount destination to mount type.
// We ensure that each destination is only mounted to once in this way.
@@ -465,7 +466,7 @@ func getBindMount(args []string) (spec.Mount, error) {
if err := parse.ValidateVolumeCtrDir(kv[1]); err != nil {
return newMount, err
}
- newMount.Destination = kv[1]
+ newMount.Destination = filepath.Clean(kv[1])
setDest = true
case "relabel":
if setRelabel {
@@ -559,7 +560,7 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
if err := parse.ValidateVolumeCtrDir(kv[1]); err != nil {
return newMount, err
}
- newMount.Destination = kv[1]
+ newMount.Destination = filepath.Clean(kv[1])
setDest = true
default:
return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
@@ -623,7 +624,7 @@ func getNamedVolume(args []string) (*libpod.ContainerNamedVolume, error) {
if err := parse.ValidateVolumeCtrDir(kv[1]); err != nil {
return nil, err
}
- newVolume.Dest = kv[1]
+ newVolume.Dest = filepath.Clean(kv[1])
setDest = true
default:
return nil, errors.Wrapf(util.ErrBadMntOption, kv[0])
@@ -678,10 +679,12 @@ func (config *CreateConfig) getVolumeMounts() (map[string]spec.Mount, map[string
return nil, nil, err
}
+ cleanDest := filepath.Clean(dest)
+
if strings.HasPrefix(src, "/") || strings.HasPrefix(src, ".") {
// This is not a named volume
newMount := spec.Mount{
- Destination: dest,
+ Destination: cleanDest,
Type: string(TypeBind),
Source: src,
Options: options,
@@ -694,7 +697,7 @@ func (config *CreateConfig) getVolumeMounts() (map[string]spec.Mount, map[string
// This is a named volume
newNamedVol := new(libpod.ContainerNamedVolume)
newNamedVol.Name = src
- newNamedVol.Dest = dest
+ newNamedVol.Dest = cleanDest
newNamedVol.Options = options
if _, ok := volumes[newNamedVol.Dest]; ok {
@@ -719,10 +722,11 @@ func (config *CreateConfig) getImageVolumes() (map[string]spec.Mount, map[string
}
for vol := range config.BuiltinImgVolumes {
+ cleanDest := filepath.Clean(vol)
if config.ImageVolumeType == "tmpfs" {
// Tmpfs image volumes are handled as mounts
mount := spec.Mount{
- Destination: vol,
+ Destination: cleanDest,
Source: TypeTmpfs,
Type: TypeTmpfs,
Options: []string{"rprivate", "rw", "nodev"},
@@ -732,7 +736,7 @@ func (config *CreateConfig) getImageVolumes() (map[string]spec.Mount, map[string
namedVolume := new(libpod.ContainerNamedVolume)
namedVolume.Name = stringid.GenerateNonCryptoID()
namedVolume.Options = []string{"rprivate", "rw", "nodev"}
- namedVolume.Dest = vol
+ namedVolume.Dest = cleanDest
volumes[vol] = namedVolume
}
}
@@ -760,7 +764,7 @@ func (config *CreateConfig) getTmpfsMounts() (map[string]spec.Mount, error) {
}
mount := spec.Mount{
- Destination: destPath,
+ Destination: filepath.Clean(destPath),
Type: string(TypeTmpfs),
Options: options,
Source: string(TypeTmpfs),