aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/specgenutil/volumes.go63
1 files changed, 60 insertions, 3 deletions
diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go
index 0ed08198f..3ce96164f 100644
--- a/pkg/specgenutil/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -243,7 +243,7 @@ func getBindMount(args []string) (spec.Mount, error) {
Type: define.TypeBind,
}
- var setSource, setDest, setRORW, setSuid, setDev, setExec, setRelabel bool
+ var setSource, setDest, setRORW, setSuid, setDev, setExec, setRelabel, setOwnership bool
for _, val := range args {
kv := strings.SplitN(val, "=", 2)
@@ -343,6 +343,18 @@ func getBindMount(args []string) (spec.Mount, error) {
default:
return newMount, errors.Wrapf(util.ErrBadMntOption, "%s mount option must be 'private' or 'shared'", kv[0])
}
+ case "U", "chown":
+ if setOwnership {
+ return newMount, errors.Wrapf(optionArgError, "cannot pass 'U' or 'chown' option more than once")
+ }
+ ok, err := validChownFlag(val)
+ if err != nil {
+ return newMount, err
+ }
+ if ok {
+ newMount.Options = append(newMount.Options, "U")
+ }
+ setOwnership = true
case "consistency":
// Often used on MACs and mistakenly on Linux platforms.
// Since Docker ignores this option so shall we.
@@ -375,7 +387,7 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
Source: define.TypeTmpfs,
}
- var setDest, setRORW, setSuid, setDev, setExec, setTmpcopyup bool
+ var setDest, setRORW, setSuid, setDev, setExec, setTmpcopyup, setOwnership bool
for _, val := range args {
kv := strings.SplitN(val, "=", 2)
@@ -431,6 +443,18 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
}
newMount.Destination = filepath.Clean(kv[1])
setDest = true
+ case "U", "chown":
+ if setOwnership {
+ return newMount, errors.Wrapf(optionArgError, "cannot pass 'U' or 'chown' option more than once")
+ }
+ ok, err := validChownFlag(val)
+ if err != nil {
+ return newMount, err
+ }
+ if ok {
+ newMount.Options = append(newMount.Options, "U")
+ }
+ setOwnership = true
case "consistency":
// Often used on MACs and mistakenly on Linux platforms.
// Since Docker ignores this option so shall we.
@@ -486,7 +510,7 @@ func getDevptsMount(args []string) (spec.Mount, error) {
func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
newVolume := new(specgen.NamedVolume)
- var setSource, setDest, setRORW, setSuid, setDev, setExec bool
+ var setSource, setDest, setRORW, setSuid, setDev, setExec, setOwnership bool
for _, val := range args {
kv := strings.SplitN(val, "=", 2)
@@ -532,6 +556,18 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
}
newVolume.Dest = filepath.Clean(kv[1])
setDest = true
+ case "U", "chown":
+ if setOwnership {
+ return newVolume, errors.Wrapf(optionArgError, "cannot pass 'U' or 'chown' option more than once")
+ }
+ ok, err := validChownFlag(val)
+ if err != nil {
+ return newVolume, err
+ }
+ if ok {
+ newVolume.Options = append(newVolume.Options, "U")
+ }
+ setOwnership = true
case "consistency":
// Often used on MACs and mistakenly on Linux platforms.
// Since Docker ignores this option so shall we.
@@ -628,3 +664,24 @@ func getTmpfsMounts(tmpfsFlag []string) (map[string]spec.Mount, error) {
}
return m, nil
}
+
+// validChownFlag ensures that the U or chown flag is correctly used
+func validChownFlag(flag string) (bool, error) {
+ kv := strings.SplitN(flag, "=", 2)
+ switch len(kv) {
+ case 1:
+ case 2:
+ // U=[true|false]
+ switch strings.ToLower(kv[1]) {
+ case "true":
+ case "false":
+ return false, nil
+ default:
+ return false, errors.Wrapf(optionArgError, "'U' or 'chown' must be set to true or false, instead received %q", kv[1])
+ }
+ default:
+ return false, errors.Wrapf(optionArgError, "badly formatted option %q", flag)
+ }
+
+ return true, nil
+}