diff options
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/container_internal.go | 35 | ||||
| -rw-r--r-- | libpod/define/errors.go | 13 | ||||
| -rw-r--r-- | libpod/image/errors.go | 11 | ||||
| -rw-r--r-- | libpod/oci_conmon_exec_linux.go | 17 | ||||
| -rw-r--r-- | libpod/oci_conmon_linux.go | 17 |
5 files changed, 48 insertions, 45 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index a5208a0df..f3f11f945 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -1534,9 +1534,6 @@ func (c *Container) chownVolume(volumeName string) error { return errors.Wrapf(err, "error retrieving named volume %s for container %s", volumeName, c.ID()) } - uid := int(c.config.Spec.Process.User.UID) - gid := int(c.config.Spec.Process.User.GID) - vol.lock.Lock() defer vol.lock.Unlock() @@ -1547,22 +1544,34 @@ func (c *Container) chownVolume(volumeName string) error { if vol.state.NeedsChown { vol.state.NeedsChown = false + + uid := int(c.config.Spec.Process.User.UID) + gid := int(c.config.Spec.Process.User.GID) + + if c.config.IDMappings.UIDMap != nil { + p := idtools.IDPair{ + UID: uid, + GID: gid, + } + mappings := idtools.NewIDMappingsFromMaps(c.config.IDMappings.UIDMap, c.config.IDMappings.GIDMap) + newPair, err := mappings.ToHost(p) + if err != nil { + return errors.Wrapf(err, "error mapping user %d:%d", uid, gid) + } + uid = newPair.UID + gid = newPair.GID + } + vol.state.UIDChowned = uid vol.state.GIDChowned = gid if err := vol.save(); err != nil { return err } - err := filepath.Walk(vol.MountPoint(), func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if err := os.Lchown(path, uid, gid); err != nil { - return err - } - return nil - }) - if err != nil { + + mountPoint := vol.MountPoint() + + if err := os.Lchown(mountPoint, uid, gid); err != nil { return err } } diff --git a/libpod/define/errors.go b/libpod/define/errors.go index 23d10f527..4a0df3983 100644 --- a/libpod/define/errors.go +++ b/libpod/define/errors.go @@ -2,23 +2,20 @@ package define import ( "errors" - - "github.com/containers/podman/v2/libpod/image" - "github.com/containers/podman/v2/utils" ) var ( // ErrNoSuchCtr indicates the requested container does not exist - ErrNoSuchCtr = image.ErrNoSuchCtr + ErrNoSuchCtr = errors.New("no such container") // ErrNoSuchPod indicates the requested pod does not exist - ErrNoSuchPod = image.ErrNoSuchPod + ErrNoSuchPod = errors.New("no such pod") // ErrNoSuchImage indicates the requested image does not exist - ErrNoSuchImage = image.ErrNoSuchImage + ErrNoSuchImage = errors.New("no such image") // ErrNoSuchTag indicates the requested image tag does not exist - ErrNoSuchTag = image.ErrNoSuchTag + ErrNoSuchTag = errors.New("no such tag") // ErrNoSuchVolume indicates the requested volume does not exist ErrNoSuchVolume = errors.New("no such volume") @@ -76,7 +73,7 @@ var ( // ErrDetach indicates that an attach session was manually detached by // the user. - ErrDetach = utils.ErrDetach + ErrDetach = errors.New("detached from container") // ErrWillDeadlock indicates that the requested operation will cause a // deadlock. This is usually caused by upgrade issues, and is resolved diff --git a/libpod/image/errors.go b/libpod/image/errors.go index ddbf7be4b..3f58b1c6a 100644 --- a/libpod/image/errors.go +++ b/libpod/image/errors.go @@ -1,17 +1,16 @@ package image import ( - "errors" + "github.com/containers/podman/v2/libpod/define" ) -// Copied directly from libpod errors to avoid circular imports var ( // ErrNoSuchCtr indicates the requested container does not exist - ErrNoSuchCtr = errors.New("no such container") + ErrNoSuchCtr = define.ErrNoSuchCtr // ErrNoSuchPod indicates the requested pod does not exist - ErrNoSuchPod = errors.New("no such pod") + ErrNoSuchPod = define.ErrNoSuchPod // ErrNoSuchImage indicates the requested image does not exist - ErrNoSuchImage = errors.New("no such image") + ErrNoSuchImage = define.ErrNoSuchImage // ErrNoSuchTag indicates the requested image tag does not exist - ErrNoSuchTag = errors.New("no such tag") + ErrNoSuchTag = define.ErrNoSuchTag ) diff --git a/libpod/oci_conmon_exec_linux.go b/libpod/oci_conmon_exec_linux.go index f8d87759a..cfe3745fa 100644 --- a/libpod/oci_conmon_exec_linux.go +++ b/libpod/oci_conmon_exec_linux.go @@ -449,9 +449,12 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex return nil, nil, err } + var filesToClose []*os.File if options.PreserveFDs > 0 { for fd := 3; fd < int(3+options.PreserveFDs); fd++ { - execCmd.ExtraFiles = append(execCmd.ExtraFiles, os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd))) + f := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)) + filesToClose = append(filesToClose, f) + execCmd.ExtraFiles = append(execCmd.ExtraFiles, f) } } @@ -483,14 +486,10 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex return nil, nil, err } - if options.PreserveFDs > 0 { - for fd := 3; fd < int(3+options.PreserveFDs); fd++ { - // These fds were passed down to the runtime. Close them - // and not interfere - if err := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)).Close(); err != nil { - logrus.Debugf("unable to close file fd-%d", fd) - } - } + // These fds were passed down to the runtime. Close them + // and not interfere + for _, f := range filesToClose { + errorhandling.CloseQuiet(f) } return execCmd, pipes, nil diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index e677ece31..67593a68b 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -954,9 +954,12 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co return err } + var filesToClose []*os.File if ctr.config.PreserveFDs > 0 { for fd := 3; fd < int(3+ctr.config.PreserveFDs); fd++ { - cmd.ExtraFiles = append(cmd.ExtraFiles, os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd))) + f := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)) + filesToClose = append(filesToClose, f) + cmd.ExtraFiles = append(cmd.ExtraFiles, f) } } @@ -1052,14 +1055,10 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co } } - if ctr.config.PreserveFDs > 0 { - for fd := 3; fd < int(3+ctr.config.PreserveFDs); fd++ { - // These fds were passed down to the runtime. Close them - // and not interfere - if err := os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd)).Close(); err != nil { - logrus.Debugf("unable to close file fd-%d", fd) - } - } + // These fds were passed down to the runtime. Close them + // and not interfere + for _, f := range filesToClose { + errorhandling.CloseQuiet(f) } return nil |