diff options
author | dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2021-06-03 09:34:37 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-03 09:34:37 +0000 |
commit | 48ea142ca5a94a386593802b8068ce53de72b3ec (patch) | |
tree | e2c5590ea5ac2b08ff298fa8b4c00ac4f4a7b3e2 /vendor/github.com | |
parent | b64e20a53d3f5de262f2c475be490b35977d5f32 (diff) | |
download | podman-48ea142ca5a94a386593802b8068ce53de72b3ec.tar.gz podman-48ea142ca5a94a386593802b8068ce53de72b3ec.tar.bz2 podman-48ea142ca5a94a386593802b8068ce53de72b3ec.zip |
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.6+incompatible to 20.10.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.6...v20.10.7)
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Diffstat (limited to 'vendor/github.com')
-rw-r--r-- | vendor/github.com/docker/docker/pkg/archive/archive.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/vendor/github.com/docker/docker/pkg/archive/archive.go b/vendor/github.com/docker/docker/pkg/archive/archive.go index 8d14b7869..50b83c62c 100644 --- a/vendor/github.com/docker/docker/pkg/archive/archive.go +++ b/vendor/github.com/docker/docker/pkg/archive/archive.go @@ -402,10 +402,24 @@ func fillGo18FileTypeBits(mode int64, fi os.FileInfo) int64 { // ReadSecurityXattrToTarHeader reads security.capability xattr from filesystem // to a tar header func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error { + const ( + // Values based on linux/include/uapi/linux/capability.h + xattrCapsSz2 = 20 + versionOffset = 3 + vfsCapRevision2 = 2 + vfsCapRevision3 = 3 + ) capability, _ := system.Lgetxattr(path, "security.capability") if capability != nil { + length := len(capability) + if capability[versionOffset] == vfsCapRevision3 { + // Convert VFS_CAP_REVISION_3 to VFS_CAP_REVISION_2 as root UID makes no + // sense outside the user namespace the archive is built in. + capability[versionOffset] = vfsCapRevision2 + length = xattrCapsSz2 + } hdr.Xattrs = make(map[string]string) - hdr.Xattrs["security.capability"] = string(capability) + hdr.Xattrs["security.capability"] = string(capability[:length]) } return nil } |