summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--go.mod2
-rw-r--r--go.sum4
-rwxr-xr-xhack/libsubid_tag.sh10
-rw-r--r--vendor/github.com/containers/storage/go.mod2
-rw-r--r--vendor/github.com/containers/storage/go.sum3
-rw-r--r--vendor/github.com/containers/storage/layers.go43
-rw-r--r--vendor/github.com/containers/storage/pkg/homedir/homedir.go52
-rw-r--r--vendor/github.com/containers/storage/pkg/homedir/homedir_others.go15
-rw-r--r--vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go45
-rw-r--r--vendor/github.com/containers/storage/pkg/homedir/homedir_windows.go7
-rw-r--r--vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go10
-rw-r--r--vendor/github.com/containers/storage/types/options.go33
-rw-r--r--vendor/modules.txt2
13 files changed, 142 insertions, 86 deletions
diff --git a/go.mod b/go.mod
index 663bad753..7e2226c91 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,7 @@ require (
github.com/containers/image/v5 v5.17.1-0.20211207161909-6f3c8453e1a7
github.com/containers/ocicrypt v1.1.2
github.com/containers/psgo v1.7.1
- github.com/containers/storage v1.37.1-0.20211130181259-1a158c89a518
+ github.com/containers/storage v1.37.1-0.20211213220314-73a749e4fec5
github.com/coreos/go-systemd/v22 v22.3.2
github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3
github.com/cyphar/filepath-securejoin v0.2.3
diff --git a/go.sum b/go.sum
index 0f832d974..a4c155ed1 100644
--- a/go.sum
+++ b/go.sum
@@ -308,8 +308,8 @@ github.com/containers/storage v1.35.0/go.mod h1:qzYhasQP2/V9D9XdO+vRwkHBhsBO0ozn
github.com/containers/storage v1.36.0/go.mod h1:vbd3SKVQNHdmU5qQI6hTEcKPxnZkGqydG4f6uwrI5a8=
github.com/containers/storage v1.37.0/go.mod h1:kqeJeS0b7DO2ZT1nVWs0XufrmPFbgV3c+Q/45RlH6r4=
github.com/containers/storage v1.37.1-0.20211119174841-bf170b3ddac0/go.mod h1:XjCNlt5JUUmRuTJXhFxHb9hHGPho7DNg3o4N/14prdQ=
-github.com/containers/storage v1.37.1-0.20211130181259-1a158c89a518 h1:p44O35V8XCefRxOxU1aY6eT9XNMxkWA1drtJpsl211c=
-github.com/containers/storage v1.37.1-0.20211130181259-1a158c89a518/go.mod h1:T5DX08T/eKKRs0WGDhC/ztngMSth6YuHq15eF8C/Y5A=
+github.com/containers/storage v1.37.1-0.20211213220314-73a749e4fec5 h1:DOpYQGCHIJfrErey3FyondnZGfZrbfGpHAN6nQssE1o=
+github.com/containers/storage v1.37.1-0.20211213220314-73a749e4fec5/go.mod h1:5qRpx96WJRTCQCsArfrWjUh398JSNCaTJG6RbOhMlqY=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
diff --git a/hack/libsubid_tag.sh b/hack/libsubid_tag.sh
index ab6af9e30..31412b3e6 100755
--- a/hack/libsubid_tag.sh
+++ b/hack/libsubid_tag.sh
@@ -7,9 +7,19 @@ mkdir -p "$tmpdir"
trap 'rm -fr "$tmpdir"' EXIT
cc -o "$tmpdir"/libsubid_tag -l subid -x c - > /dev/null 2> /dev/null << EOF
#include <shadow/subid.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+const char *Prog = "test";
+FILE *shadow_logfd = NULL;
+
int main() {
struct subid_range *ranges = NULL;
+#if SUBID_ABI_MAJOR >= 4
+ subid_get_uid_ranges("root", &ranges);
+#else
get_subuid_ranges("root", &ranges);
+#endif
free(ranges);
return 0;
}
diff --git a/vendor/github.com/containers/storage/go.mod b/vendor/github.com/containers/storage/go.mod
index 57b634f17..96ca1f0b2 100644
--- a/vendor/github.com/containers/storage/go.mod
+++ b/vendor/github.com/containers/storage/go.mod
@@ -18,7 +18,7 @@ require (
github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible
github.com/moby/sys/mountinfo v0.5.0
github.com/opencontainers/go-digest v1.0.0
- github.com/opencontainers/runc v1.0.2
+ github.com/opencontainers/runc v1.0.3
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
github.com/opencontainers/selinux v1.10.0
github.com/pkg/errors v0.9.1
diff --git a/vendor/github.com/containers/storage/go.sum b/vendor/github.com/containers/storage/go.sum
index 94d46b21a..c7262fe7a 100644
--- a/vendor/github.com/containers/storage/go.sum
+++ b/vendor/github.com/containers/storage/go.sum
@@ -514,8 +514,9 @@ github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59P
github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0=
-github.com/opencontainers/runc v1.0.2 h1:opHZMaswlyxz1OuGpBE53Dwe4/xF7EZTY0A2L/FpCOg=
github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
+github.com/opencontainers/runc v1.0.3 h1:1hbqejyQWCJBvtKAfdO0b1FmaEf2z/bxnjqbARass5k=
+github.com/opencontainers/runc v1.0.3/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go
index fbf6ad362..e2357c540 100644
--- a/vendor/github.com/containers/storage/layers.go
+++ b/vendor/github.com/containers/storage/layers.go
@@ -23,6 +23,7 @@ import (
"github.com/containers/storage/pkg/system"
"github.com/containers/storage/pkg/tarlog"
"github.com/containers/storage/pkg/truncindex"
+ multierror "github.com/hashicorp/go-multierror"
"github.com/klauspost/pgzip"
digest "github.com/opencontainers/go-digest"
"github.com/opencontainers/selinux/go-selinux/label"
@@ -1463,34 +1464,48 @@ func (r *layerStore) Diff(from, to string, options *DiffOptions) (io.ReadCloser,
}
return maybeCompressReadCloser(diff)
}
- defer tsfile.Close()
decompressor, err := pgzip.NewReader(tsfile)
if err != nil {
- return nil, err
- }
- defer decompressor.Close()
-
- tsbytes, err := ioutil.ReadAll(decompressor)
- if err != nil {
+ if e := tsfile.Close(); e != nil {
+ logrus.Debug(e)
+ }
return nil, err
}
- metadata = storage.NewJSONUnpacker(bytes.NewBuffer(tsbytes))
+ metadata = storage.NewJSONUnpacker(decompressor)
fgetter, err := r.newFileGetter(to)
if err != nil {
- return nil, err
+ errs := multierror.Append(nil, errors.Wrapf(err, "creating file-getter"))
+ if err := decompressor.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing decompressor"))
+ }
+ if err := tsfile.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing tarstream headers"))
+ }
+ return nil, errs.ErrorOrNil()
}
tarstream := asm.NewOutputTarStream(fgetter, metadata)
rc := ioutils.NewReadCloserWrapper(tarstream, func() error {
- err1 := tarstream.Close()
- err2 := fgetter.Close()
- if err2 == nil {
- return err1
+ var errs *multierror.Error
+ if err := decompressor.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing decompressor"))
+ }
+ if err := tsfile.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing tarstream headers"))
+ }
+ if err := tarstream.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing reconstructed tarstream"))
+ }
+ if err := fgetter.Close(); err != nil {
+ errs = multierror.Append(errs, errors.Wrapf(err, "closing file-getter"))
+ }
+ if errs != nil {
+ return errs.ErrorOrNil()
}
- return err2
+ return nil
})
return maybeCompressReadCloser(rc)
}
diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir.go b/vendor/github.com/containers/storage/pkg/homedir/homedir.go
new file mode 100644
index 000000000..85c5e76c8
--- /dev/null
+++ b/vendor/github.com/containers/storage/pkg/homedir/homedir.go
@@ -0,0 +1,52 @@
+package homedir
+
+import (
+ "errors"
+ "os"
+ "path/filepath"
+)
+
+// GetConfigHome returns XDG_CONFIG_HOME.
+// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set.
+//
+// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
+func GetConfigHome() (string, error) {
+ if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" {
+ return xdgConfigHome, nil
+ }
+ home := Get()
+ if home == "" {
+ return "", errors.New("could not get either XDG_CONFIG_HOME or HOME")
+ }
+ return filepath.Join(home, ".config"), nil
+}
+
+// GetDataHome returns XDG_DATA_HOME.
+// GetDataHome returns $HOME/.local/share and nil error if XDG_DATA_HOME is not set.
+//
+// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
+func GetDataHome() (string, error) {
+ if xdgDataHome := os.Getenv("XDG_DATA_HOME"); xdgDataHome != "" {
+ return xdgDataHome, nil
+ }
+ home := Get()
+ if home == "" {
+ return "", errors.New("could not get either XDG_DATA_HOME or HOME")
+ }
+ return filepath.Join(home, ".local", "share"), nil
+}
+
+// GetCacheHome returns XDG_CACHE_HOME.
+// GetCacheHome returns $HOME/.cache and nil error if XDG_CACHE_HOME is not set.
+//
+// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
+func GetCacheHome() (string, error) {
+ if xdgCacheHome := os.Getenv("XDG_CACHE_HOME"); xdgCacheHome != "" {
+ return xdgCacheHome, nil
+ }
+ home := Get()
+ if home == "" {
+ return "", errors.New("could not get either XDG_CACHE_HOME or HOME")
+ }
+ return filepath.Join(home, ".cache"), nil
+}
diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go
index 06b53854b..027db259c 100644
--- a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go
+++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go
@@ -18,18 +18,3 @@ func GetRuntimeDir() (string, error) {
func StickRuntimeDirContents(files []string) ([]string, error) {
return nil, errors.New("homedir.StickRuntimeDirContents() is not supported on this system")
}
-
-// GetDataHome is unsupported on non-linux system.
-func GetDataHome() (string, error) {
- return "", errors.New("homedir.GetDataHome() is not supported on this system")
-}
-
-// GetConfigHome is unsupported on non-linux system.
-func GetConfigHome() (string, error) {
- return "", errors.New("homedir.GetConfigHome() is not supported on this system")
-}
-
-// GetCacheHome is unsupported on non-linux system.
-func GetCacheHome() (string, error) {
- return "", errors.New("homedir.GetCacheHome() is not supported on this system")
-}
diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go
index 2475e351b..33177bdf3 100644
--- a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go
+++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go
@@ -93,48 +93,3 @@ func stick(f string) error {
m |= os.ModeSticky
return os.Chmod(f, m)
}
-
-// GetDataHome returns XDG_DATA_HOME.
-// GetDataHome returns $HOME/.local/share and nil error if XDG_DATA_HOME is not set.
-//
-// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
-func GetDataHome() (string, error) {
- if xdgDataHome := os.Getenv("XDG_DATA_HOME"); xdgDataHome != "" {
- return xdgDataHome, nil
- }
- home := Get()
- if home == "" {
- return "", errors.New("could not get either XDG_DATA_HOME or HOME")
- }
- return filepath.Join(home, ".local", "share"), nil
-}
-
-// GetConfigHome returns XDG_CONFIG_HOME.
-// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set.
-//
-// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
-func GetConfigHome() (string, error) {
- if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" {
- return xdgConfigHome, nil
- }
- home := Get()
- if home == "" {
- return "", errors.New("could not get either XDG_CONFIG_HOME or HOME")
- }
- return filepath.Join(home, ".config"), nil
-}
-
-// GetCacheHome returns XDG_CACHE_HOME.
-// GetCacheHome returns $HOME/.cache and nil error if XDG_CACHE_HOME is not set.
-//
-// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html
-func GetCacheHome() (string, error) {
- if xdgCacheHome := os.Getenv("XDG_CACHE_HOME"); xdgCacheHome != "" {
- return xdgCacheHome, nil
- }
- home := Get()
- if home == "" {
- return "", errors.New("could not get either XDG_CACHE_HOME or HOME")
- }
- return filepath.Join(home, ".cache"), nil
-}
diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_windows.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_windows.go
index 4f2615ed3..af65f2c03 100644
--- a/vendor/github.com/containers/storage/pkg/homedir/homedir_windows.go
+++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_windows.go
@@ -17,7 +17,12 @@ func Key() string {
// environment variables depending on the target operating system.
// Returned path should be used with "path/filepath" to form new paths.
func Get() string {
- return os.Getenv(Key())
+ home := os.Getenv(Key())
+ if home != "" {
+ return home
+ }
+ home, _ = os.UserHomeDir()
+ return home
}
// GetShortcutString returns the string that is shortcut to user's home directory
diff --git a/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go b/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go
index db50a62e4..e444a1bcc 100644
--- a/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go
@@ -17,6 +17,12 @@ struct subid_range get_range(struct subid_range *ranges, int i)
{
return ranges[i];
}
+
+#if !defined(SUBID_ABI_MAJOR) || (SUBID_ABI_MAJOR < 4)
+# define subid_get_uid_ranges get_subuid_ranges
+# define subid_get_gid_ranges get_subgid_ranges
+#endif
+
*/
import "C"
@@ -32,9 +38,9 @@ func readSubid(username string, isUser bool) (ranges, error) {
var nRanges C.int
var cRanges *C.struct_subid_range
if isUser {
- nRanges = C.get_subuid_ranges(cUsername, &cRanges)
+ nRanges = C.subid_get_uid_ranges(cUsername, &cRanges)
} else {
- nRanges = C.get_subgid_ranges(cUsername, &cRanges)
+ nRanges = C.subid_get_gid_ranges(cUsername, &cRanges)
}
if nRanges < 0 {
return nil, errors.New("cannot read subids")
diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go
index fe4274efd..7586cd5ae 100644
--- a/vendor/github.com/containers/storage/types/options.go
+++ b/vendor/github.com/containers/storage/types/options.go
@@ -27,6 +27,13 @@ type tomlConfig struct {
} `toml:"storage"`
}
+const (
+ // these are default path for run and graph root for rootful users
+ // for rootless path is constructed via getRootlessStorageOpts
+ defaultRunRoot string = "/run/containers/storage"
+ defaultGraphRoot string = "/var/lib/containers/storage"
+)
+
// defaultConfigFile path to the system wide storage.conf file
var (
defaultConfigFile = "/usr/share/containers/storage.conf"
@@ -36,9 +43,14 @@ var (
defaultStoreOptions StoreOptions
)
+const (
+ overlayDriver = "overlay"
+ overlay2 = "overlay2"
+)
+
func init() {
- defaultStoreOptions.RunRoot = "/run/containers/storage"
- defaultStoreOptions.GraphRoot = "/var/lib/containers/storage"
+ defaultStoreOptions.RunRoot = defaultRunRoot
+ defaultStoreOptions.GraphRoot = defaultGraphRoot
defaultStoreOptions.GraphDriverName = ""
if _, err := os.Stat(defaultOverrideConfigFile); err == nil {
@@ -53,6 +65,13 @@ func init() {
}
ReloadConfigurationFileIfNeeded(defaultConfigFile, &defaultStoreOptions)
}
+ // reload could set values to empty for run and graph root if config does not contains anything
+ if defaultStoreOptions.RunRoot == "" {
+ defaultStoreOptions.RunRoot = defaultRunRoot
+ }
+ if defaultStoreOptions.GraphRoot == "" {
+ defaultStoreOptions.GraphRoot = defaultGraphRoot
+ }
}
// defaultStoreOptionsIsolated is an internal implementation detail of DefaultStoreOptions to allow testing.
@@ -180,7 +199,6 @@ func isRootlessDriver(driver string) bool {
// getRootlessStorageOpts returns the storage opts for containers running as non root
func getRootlessStorageOpts(rootlessUID int, systemOpts StoreOptions) (StoreOptions, error) {
var opts StoreOptions
- const overlayDriver = "overlay"
dataDir, rootlessRuntime, err := getRootlessDirInfo(rootlessUID)
if err != nil {
@@ -202,6 +220,11 @@ func getRootlessStorageOpts(rootlessUID int, systemOpts StoreOptions) (StoreOpti
if driver := os.Getenv("STORAGE_DRIVER"); driver != "" {
opts.GraphDriverName = driver
}
+ if opts.GraphDriverName == overlay2 {
+ logrus.Warnf("Switching default driver from overlay2 to the equivalent overlay driver.")
+ opts.GraphDriverName = overlayDriver
+ }
+
if opts.GraphDriverName == "" || opts.GraphDriverName == overlayDriver {
supported, err := overlay.SupportsNativeOverlay(opts.GraphRoot, rootlessRuntime)
if err != nil {
@@ -307,6 +330,10 @@ func ReloadConfigurationFile(configFile string, storeOptions *StoreOptions) {
config.Storage.Driver = os.Getenv("STORAGE_DRIVER")
storeOptions.GraphDriverName = config.Storage.Driver
}
+ if storeOptions.GraphDriverName == overlay2 {
+ logrus.Warnf("Switching default driver from overlay2 to the equivalent overlay driver.")
+ storeOptions.GraphDriverName = overlayDriver
+ }
if storeOptions.GraphDriverName == "" {
logrus.Errorf("The storage 'driver' option must be set in %s, guarantee proper operation.", configFile)
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 02c8315fa..5302a7e50 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -220,7 +220,7 @@ github.com/containers/psgo/internal/dev
github.com/containers/psgo/internal/host
github.com/containers/psgo/internal/proc
github.com/containers/psgo/internal/process
-# github.com/containers/storage v1.37.1-0.20211130181259-1a158c89a518
+# github.com/containers/storage v1.37.1-0.20211213220314-73a749e4fec5
## explicit
github.com/containers/storage
github.com/containers/storage/drivers