summaryrefslogtreecommitdiff
path: root/vendor/github.com/docker
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/docker')
-rw-r--r--vendor/github.com/docker/docker/api/swagger.yaml4
-rw-r--r--vendor/github.com/docker/docker/client/build_cancel.go2
-rw-r--r--vendor/github.com/docker/docker/client/client.go2
-rw-r--r--vendor/github.com/docker/docker/client/config_create.go2
-rw-r--r--vendor/github.com/docker/docker/client/config_remove.go2
-rw-r--r--vendor/github.com/docker/docker/client/config_update.go2
-rw-r--r--vendor/github.com/docker/docker/client/container_commit.go2
-rw-r--r--vendor/github.com/docker/docker/client/container_copy.go2
-rw-r--r--vendor/github.com/docker/docker/client/container_create.go2
-rw-r--r--vendor/github.com/docker/docker/client/container_restart.go2
-rw-r--r--vendor/github.com/docker/docker/client/container_update.go2
-rw-r--r--vendor/github.com/docker/docker/client/distribution_inspect.go2
-rw-r--r--vendor/github.com/docker/docker/client/image_build.go4
-rw-r--r--vendor/github.com/docker/docker/client/image_create.go2
-rw-r--r--vendor/github.com/docker/docker/client/image_import.go2
-rw-r--r--vendor/github.com/docker/docker/client/image_search.go2
-rw-r--r--vendor/github.com/docker/docker/client/secret_create.go2
-rw-r--r--vendor/github.com/docker/docker/client/secret_remove.go2
-rw-r--r--vendor/github.com/docker/docker/client/secret_update.go2
-rw-r--r--vendor/github.com/docker/docker/client/service_create.go2
-rw-r--r--vendor/github.com/docker/docker/client/task_inspect.go2
-rw-r--r--vendor/github.com/docker/docker/pkg/archive/archive.go30
-rw-r--r--vendor/github.com/docker/docker/pkg/archive/archive_linux.go180
-rw-r--r--vendor/github.com/docker/docker/pkg/archive/archive_other.go4
24 files changed, 45 insertions, 215 deletions
diff --git a/vendor/github.com/docker/docker/api/swagger.yaml b/vendor/github.com/docker/docker/api/swagger.yaml
index 8500705b5..1294e5a22 100644
--- a/vendor/github.com/docker/docker/api/swagger.yaml
+++ b/vendor/github.com/docker/docker/api/swagger.yaml
@@ -1274,7 +1274,7 @@ definitions:
type: "object"
properties:
Bridge:
- description: Name of the network's bridge (for example, `docker0`).
+ description: Name of the network'a bridge (for example, `docker0`).
type: "string"
example: "docker0"
SandboxID:
@@ -10050,7 +10050,7 @@ paths:
description: |
Address or interface to use for data path traffic (format:
`<ip|interface>`), for example, `192.168.1.1`, or an interface,
- like `eth0`. If `DataPathAddr` is unspecified, the same address
+ like `eth0`. If `DataPathAddr` is unspecified, the same addres
as `AdvertiseAddr` is used.
The `DataPathAddr` specifies the address that global scope
diff --git a/vendor/github.com/docker/docker/client/build_cancel.go b/vendor/github.com/docker/docker/client/build_cancel.go
index b76bf366b..3aae43e3d 100644
--- a/vendor/github.com/docker/docker/client/build_cancel.go
+++ b/vendor/github.com/docker/docker/client/build_cancel.go
@@ -5,7 +5,7 @@ import (
"net/url"
)
-// BuildCancel requests the daemon to cancel the ongoing build request.
+// BuildCancel requests the daemon to cancel ongoing build request
func (cli *Client) BuildCancel(ctx context.Context, id string) error {
query := url.Values{}
query.Set("id", id)
diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/docker/docker/client/client.go
index 68064ca9c..21edf1fa1 100644
--- a/vendor/github.com/docker/docker/client/client.go
+++ b/vendor/github.com/docker/docker/client/client.go
@@ -2,7 +2,7 @@
Package client is a Go client for the Docker Engine API.
For more information about the Engine API, see the documentation:
-https://docs.docker.com/engine/reference/api/
+https://docs.docker.com/engine/api/
Usage
diff --git a/vendor/github.com/docker/docker/client/config_create.go b/vendor/github.com/docker/docker/client/config_create.go
index f6b1881fc..ee7d411df 100644
--- a/vendor/github.com/docker/docker/client/config_create.go
+++ b/vendor/github.com/docker/docker/client/config_create.go
@@ -8,7 +8,7 @@ import (
"github.com/docker/docker/api/types/swarm"
)
-// ConfigCreate creates a new config.
+// ConfigCreate creates a new Config.
func (cli *Client) ConfigCreate(ctx context.Context, config swarm.ConfigSpec) (types.ConfigCreateResponse, error) {
var response types.ConfigCreateResponse
if err := cli.NewVersionError("1.30", "config create"); err != nil {
diff --git a/vendor/github.com/docker/docker/client/config_remove.go b/vendor/github.com/docker/docker/client/config_remove.go
index 93de0d844..a708fcaec 100644
--- a/vendor/github.com/docker/docker/client/config_remove.go
+++ b/vendor/github.com/docker/docker/client/config_remove.go
@@ -2,7 +2,7 @@ package client // import "github.com/docker/docker/client"
import "context"
-// ConfigRemove removes a config.
+// ConfigRemove removes a Config.
func (cli *Client) ConfigRemove(ctx context.Context, id string) error {
if err := cli.NewVersionError("1.30", "config remove"); err != nil {
return err
diff --git a/vendor/github.com/docker/docker/client/config_update.go b/vendor/github.com/docker/docker/client/config_update.go
index ba79ae64e..39e59cf85 100644
--- a/vendor/github.com/docker/docker/client/config_update.go
+++ b/vendor/github.com/docker/docker/client/config_update.go
@@ -8,7 +8,7 @@ import (
"github.com/docker/docker/api/types/swarm"
)
-// ConfigUpdate attempts to update a config
+// ConfigUpdate attempts to update a Config
func (cli *Client) ConfigUpdate(ctx context.Context, id string, version swarm.Version, config swarm.ConfigSpec) error {
if err := cli.NewVersionError("1.30", "config update"); err != nil {
return err
diff --git a/vendor/github.com/docker/docker/client/container_commit.go b/vendor/github.com/docker/docker/client/container_commit.go
index cd7f76346..2966e88c8 100644
--- a/vendor/github.com/docker/docker/client/container_commit.go
+++ b/vendor/github.com/docker/docker/client/container_commit.go
@@ -10,7 +10,7 @@ import (
"github.com/docker/docker/api/types"
)
-// ContainerCommit applies changes to a container and creates a new tagged image.
+// ContainerCommit applies changes into a container and creates a new tagged image.
func (cli *Client) ContainerCommit(ctx context.Context, container string, options types.ContainerCommitOptions) (types.IDResponse, error) {
var repository, tag string
if options.Reference != "" {
diff --git a/vendor/github.com/docker/docker/client/container_copy.go b/vendor/github.com/docker/docker/client/container_copy.go
index c0a47c14e..bb278bf7f 100644
--- a/vendor/github.com/docker/docker/client/container_copy.go
+++ b/vendor/github.com/docker/docker/client/container_copy.go
@@ -14,7 +14,7 @@ import (
"github.com/docker/docker/api/types"
)
-// ContainerStatPath returns stat information about a path inside the container filesystem.
+// ContainerStatPath returns Stat information about a path inside the container filesystem.
func (cli *Client) ContainerStatPath(ctx context.Context, containerID, path string) (types.ContainerPathStat, error) {
query := url.Values{}
query.Set("path", filepath.ToSlash(path)) // Normalize the paths used in the API.
diff --git a/vendor/github.com/docker/docker/client/container_create.go b/vendor/github.com/docker/docker/client/container_create.go
index cfae96a6f..b1d5fea5b 100644
--- a/vendor/github.com/docker/docker/client/container_create.go
+++ b/vendor/github.com/docker/docker/client/container_create.go
@@ -19,7 +19,7 @@ type configWrapper struct {
Platform *specs.Platform
}
-// ContainerCreate creates a new container based on the given configuration.
+// ContainerCreate creates a new container based in the given configuration.
// It can be associated with a name, but it's not mandatory.
func (cli *Client) ContainerCreate(ctx context.Context, config *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, platform *specs.Platform, containerName string) (container.ContainerCreateCreatedBody, error) {
var response container.ContainerCreateCreatedBody
diff --git a/vendor/github.com/docker/docker/client/container_restart.go b/vendor/github.com/docker/docker/client/container_restart.go
index aa0d6485d..41e421969 100644
--- a/vendor/github.com/docker/docker/client/container_restart.go
+++ b/vendor/github.com/docker/docker/client/container_restart.go
@@ -9,7 +9,7 @@ import (
)
// ContainerRestart stops and starts a container again.
-// It makes the daemon wait for the container to be up again for
+// It makes the daemon to wait for the container to be up again for
// a specific amount of time, given the timeout.
func (cli *Client) ContainerRestart(ctx context.Context, containerID string, timeout *time.Duration) error {
query := url.Values{}
diff --git a/vendor/github.com/docker/docker/client/container_update.go b/vendor/github.com/docker/docker/client/container_update.go
index bf68a5300..6917cf9fb 100644
--- a/vendor/github.com/docker/docker/client/container_update.go
+++ b/vendor/github.com/docker/docker/client/container_update.go
@@ -7,7 +7,7 @@ import (
"github.com/docker/docker/api/types/container"
)
-// ContainerUpdate updates the resources of a container.
+// ContainerUpdate updates resources of a container
func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, updateConfig container.UpdateConfig) (container.ContainerUpdateOKBody, error) {
var response container.ContainerUpdateOKBody
serverResp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil)
diff --git a/vendor/github.com/docker/docker/client/distribution_inspect.go b/vendor/github.com/docker/docker/client/distribution_inspect.go
index 7f36c99a0..f4e3794cb 100644
--- a/vendor/github.com/docker/docker/client/distribution_inspect.go
+++ b/vendor/github.com/docker/docker/client/distribution_inspect.go
@@ -8,7 +8,7 @@ import (
registrytypes "github.com/docker/docker/api/types/registry"
)
-// DistributionInspect returns the image digest with the full manifest.
+// DistributionInspect returns the image digest with full Manifest
func (cli *Client) DistributionInspect(ctx context.Context, image, encodedRegistryAuth string) (registrytypes.DistributionInspect, error) {
// Contact the registry to retrieve digest and platform information
var distributionInspect registrytypes.DistributionInspect
diff --git a/vendor/github.com/docker/docker/client/image_build.go b/vendor/github.com/docker/docker/client/image_build.go
index d16e1d8ea..8fcf99503 100644
--- a/vendor/github.com/docker/docker/client/image_build.go
+++ b/vendor/github.com/docker/docker/client/image_build.go
@@ -14,8 +14,8 @@ import (
"github.com/docker/docker/api/types/container"
)
-// ImageBuild sends a request to the daemon to build images.
-// The Body in the response implements an io.ReadCloser and it's up to the caller to
+// ImageBuild sends request to the daemon to build images.
+// The Body in the response implement an io.ReadCloser and it's up to the caller to
// close it.
func (cli *Client) ImageBuild(ctx context.Context, buildContext io.Reader, options types.ImageBuildOptions) (types.ImageBuildResponse, error) {
query, err := cli.imageBuildOptionsToQuery(options)
diff --git a/vendor/github.com/docker/docker/client/image_create.go b/vendor/github.com/docker/docker/client/image_create.go
index b1c022777..239380474 100644
--- a/vendor/github.com/docker/docker/client/image_create.go
+++ b/vendor/github.com/docker/docker/client/image_create.go
@@ -10,7 +10,7 @@ import (
"github.com/docker/docker/api/types"
)
-// ImageCreate creates a new image based on the parent options.
+// ImageCreate creates a new image based in the parent options.
// It returns the JSON content in the response body.
func (cli *Client) ImageCreate(ctx context.Context, parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error) {
ref, err := reference.ParseNormalizedNamed(parentReference)
diff --git a/vendor/github.com/docker/docker/client/image_import.go b/vendor/github.com/docker/docker/client/image_import.go
index c5de42cb7..d3336d410 100644
--- a/vendor/github.com/docker/docker/client/image_import.go
+++ b/vendor/github.com/docker/docker/client/image_import.go
@@ -10,7 +10,7 @@ import (
"github.com/docker/docker/api/types"
)
-// ImageImport creates a new image based on the source options.
+// ImageImport creates a new image based in the source options.
// It returns the JSON content in the response body.
func (cli *Client) ImageImport(ctx context.Context, source types.ImageImportSource, ref string, options types.ImageImportOptions) (io.ReadCloser, error) {
if ref != "" {
diff --git a/vendor/github.com/docker/docker/client/image_search.go b/vendor/github.com/docker/docker/client/image_search.go
index 5f40a22a9..82955a747 100644
--- a/vendor/github.com/docker/docker/client/image_search.go
+++ b/vendor/github.com/docker/docker/client/image_search.go
@@ -12,7 +12,7 @@ import (
"github.com/docker/docker/errdefs"
)
-// ImageSearch makes the docker host search by a term in a remote registry.
+// ImageSearch makes the docker host to search by a term in a remote registry.
// The list of results is not sorted in any fashion.
func (cli *Client) ImageSearch(ctx context.Context, term string, options types.ImageSearchOptions) ([]registry.SearchResult, error) {
var results []registry.SearchResult
diff --git a/vendor/github.com/docker/docker/client/secret_create.go b/vendor/github.com/docker/docker/client/secret_create.go
index c65d38a19..fd5b91413 100644
--- a/vendor/github.com/docker/docker/client/secret_create.go
+++ b/vendor/github.com/docker/docker/client/secret_create.go
@@ -8,7 +8,7 @@ import (
"github.com/docker/docker/api/types/swarm"
)
-// SecretCreate creates a new secret.
+// SecretCreate creates a new Secret.
func (cli *Client) SecretCreate(ctx context.Context, secret swarm.SecretSpec) (types.SecretCreateResponse, error) {
var response types.SecretCreateResponse
if err := cli.NewVersionError("1.25", "secret create"); err != nil {
diff --git a/vendor/github.com/docker/docker/client/secret_remove.go b/vendor/github.com/docker/docker/client/secret_remove.go
index f6c69e57f..c16f55580 100644
--- a/vendor/github.com/docker/docker/client/secret_remove.go
+++ b/vendor/github.com/docker/docker/client/secret_remove.go
@@ -2,7 +2,7 @@ package client // import "github.com/docker/docker/client"
import "context"
-// SecretRemove removes a secret.
+// SecretRemove removes a Secret.
func (cli *Client) SecretRemove(ctx context.Context, id string) error {
if err := cli.NewVersionError("1.25", "secret remove"); err != nil {
return err
diff --git a/vendor/github.com/docker/docker/client/secret_update.go b/vendor/github.com/docker/docker/client/secret_update.go
index d082dcef7..164256bbc 100644
--- a/vendor/github.com/docker/docker/client/secret_update.go
+++ b/vendor/github.com/docker/docker/client/secret_update.go
@@ -8,7 +8,7 @@ import (
"github.com/docker/docker/api/types/swarm"
)
-// SecretUpdate attempts to update a secret.
+// SecretUpdate attempts to update a Secret
func (cli *Client) SecretUpdate(ctx context.Context, id string, version swarm.Version, secret swarm.SecretSpec) error {
if err := cli.NewVersionError("1.25", "secret update"); err != nil {
return err
diff --git a/vendor/github.com/docker/docker/client/service_create.go b/vendor/github.com/docker/docker/client/service_create.go
index a07315f71..e0428bf98 100644
--- a/vendor/github.com/docker/docker/client/service_create.go
+++ b/vendor/github.com/docker/docker/client/service_create.go
@@ -13,7 +13,7 @@ import (
"github.com/pkg/errors"
)
-// ServiceCreate creates a new service.
+// ServiceCreate creates a new Service.
func (cli *Client) ServiceCreate(ctx context.Context, service swarm.ServiceSpec, options types.ServiceCreateOptions) (types.ServiceCreateResponse, error) {
var response types.ServiceCreateResponse
headers := map[string][]string{
diff --git a/vendor/github.com/docker/docker/client/task_inspect.go b/vendor/github.com/docker/docker/client/task_inspect.go
index ed132f379..44d40ba5a 100644
--- a/vendor/github.com/docker/docker/client/task_inspect.go
+++ b/vendor/github.com/docker/docker/client/task_inspect.go
@@ -9,7 +9,7 @@ import (
"github.com/docker/docker/api/types/swarm"
)
-// TaskInspectWithRaw returns the task information and its raw representation.
+// TaskInspectWithRaw returns the task information and its raw representation..
func (cli *Client) TaskInspectWithRaw(ctx context.Context, taskID string) (swarm.Task, []byte, error) {
if taskID == "" {
return swarm.Task{}, nil, objectNotFoundError{object: "task", id: taskID}
diff --git a/vendor/github.com/docker/docker/pkg/archive/archive.go b/vendor/github.com/docker/docker/pkg/archive/archive.go
index 134749d68..8d14b7869 100644
--- a/vendor/github.com/docker/docker/pkg/archive/archive.go
+++ b/vendor/github.com/docker/docker/pkg/archive/archive.go
@@ -402,24 +402,10 @@ func fillGo18FileTypeBits(mode int64, fi os.FileInfo) int64 {
// ReadSecurityXattrToTarHeader reads security.capability xattr from filesystem
// to a tar header
func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error {
- const (
- // Values based on linux/include/uapi/linux/capability.h
- xattrCapsSz2 = 20
- versionOffset = 3
- vfsCapRevision2 = 2
- vfsCapRevision3 = 3
- )
capability, _ := system.Lgetxattr(path, "security.capability")
if capability != nil {
- length := len(capability)
- if capability[versionOffset] == vfsCapRevision3 {
- // Convert VFS_CAP_REVISION_3 to VFS_CAP_REVISION_2 as root UID makes no
- // sense outside the user namespace the archive is built in.
- capability[versionOffset] = vfsCapRevision2
- length = xattrCapsSz2
- }
hdr.Xattrs = make(map[string]string)
- hdr.Xattrs["security.capability"] = string(capability[:length])
+ hdr.Xattrs["security.capability"] = string(capability)
}
return nil
}
@@ -753,13 +739,18 @@ func TarWithOptions(srcPath string, options *TarOptions) (io.ReadCloser, error)
return nil, err
}
+ whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
+ if err != nil {
+ return nil, err
+ }
+
go func() {
ta := newTarAppender(
idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps),
compressWriter,
options.ChownOpts,
)
- ta.WhiteoutConverter = getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
+ ta.WhiteoutConverter = whiteoutConverter
defer func() {
// Make sure to check the error on Close.
@@ -917,7 +908,10 @@ func Unpack(decompressedArchive io.Reader, dest string, options *TarOptions) err
var dirs []*tar.Header
idMapping := idtools.NewIDMappingsFromMaps(options.UIDMaps, options.GIDMaps)
rootIDs := idMapping.RootPair()
- whiteoutConverter := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
+ whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
+ if err != nil {
+ return err
+ }
// Iterate through the files in the archive.
loop:
@@ -956,7 +950,7 @@ loop:
parent := filepath.Dir(hdr.Name)
parentPath := filepath.Join(dest, parent)
if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
- err = idtools.MkdirAllAndChownNew(parentPath, 0777, rootIDs)
+ err = idtools.MkdirAllAndChownNew(parentPath, 0755, rootIDs)
if err != nil {
return err
}
diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go
index f7888e659..0a3cc1f92 100644
--- a/vendor/github.com/docker/docker/pkg/archive/archive_linux.go
+++ b/vendor/github.com/docker/docker/pkg/archive/archive_linux.go
@@ -2,29 +2,26 @@ package archive // import "github.com/docker/docker/pkg/archive"
import (
"archive/tar"
- "fmt"
- "io/ioutil"
"os"
"path/filepath"
"strings"
- "syscall"
- "github.com/containerd/continuity/fs"
"github.com/docker/docker/pkg/system"
- "github.com/moby/sys/mount"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
-func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter {
+func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) {
if format == OverlayWhiteoutFormat {
- return overlayWhiteoutConverter{inUserNS: inUserNS}
+ if inUserNS {
+ return nil, errors.New("specifying OverlayWhiteoutFormat is not allowed in userns")
+ }
+ return overlayWhiteoutConverter{}, nil
}
- return nil
+ return nil, nil
}
type overlayWhiteoutConverter struct {
- inUserNS bool
}
func (overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi os.FileInfo) (wo *tar.Header, err error) {
@@ -77,13 +74,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo
if base == WhiteoutOpaqueDir {
err := unix.Setxattr(dir, "trusted.overlay.opaque", []byte{'y'}, 0)
if err != nil {
- if c.inUserNS {
- if err = replaceDirWithOverlayOpaque(dir); err != nil {
- return false, errors.Wrapf(err, "replaceDirWithOverlayOpaque(%q) failed", dir)
- }
- } else {
- return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir)
- }
+ return false, errors.Wrapf(err, "setxattr(%q, trusted.overlay.opaque=y)", dir)
}
// don't write the file itself
return false, err
@@ -95,19 +86,7 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo
originalPath := filepath.Join(dir, originalBase)
if err := unix.Mknod(originalPath, unix.S_IFCHR, 0); err != nil {
- if c.inUserNS {
- // Ubuntu and a few distros support overlayfs in userns.
- //
- // Although we can't call mknod directly in userns (at least on bionic kernel 4.15),
- // we can still create 0,0 char device using mknodChar0Overlay().
- //
- // NOTE: we don't need this hack for the containerd snapshotter+unpack model.
- if err := mknodChar0Overlay(originalPath); err != nil {
- return false, errors.Wrapf(err, "failed to mknodChar0UserNS(%q)", originalPath)
- }
- } else {
- return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath)
- }
+ return false, errors.Wrapf(err, "failed to mknod(%q, S_IFCHR, 0)", originalPath)
}
if err := os.Chown(originalPath, hdr.Uid, hdr.Gid); err != nil {
return false, err
@@ -119,146 +98,3 @@ func (c overlayWhiteoutConverter) ConvertRead(hdr *tar.Header, path string) (boo
return true, nil
}
-
-// mknodChar0Overlay creates 0,0 char device by mounting overlayfs and unlinking.
-// This function can be used for creating 0,0 char device in userns on Ubuntu.
-//
-// Steps:
-// * Mkdir lower,upper,merged,work
-// * Create lower/dummy
-// * Mount overlayfs
-// * Unlink merged/dummy
-// * Unmount overlayfs
-// * Make sure a 0,0 char device is created as upper/dummy
-// * Rename upper/dummy to cleansedOriginalPath
-func mknodChar0Overlay(cleansedOriginalPath string) error {
- dir := filepath.Dir(cleansedOriginalPath)
- tmp, err := ioutil.TempDir(dir, "mc0o")
- if err != nil {
- return errors.Wrapf(err, "failed to create a tmp directory under %s", dir)
- }
- defer os.RemoveAll(tmp)
- lower := filepath.Join(tmp, "l")
- upper := filepath.Join(tmp, "u")
- work := filepath.Join(tmp, "w")
- merged := filepath.Join(tmp, "m")
- for _, s := range []string{lower, upper, work, merged} {
- if err := os.MkdirAll(s, 0700); err != nil {
- return errors.Wrapf(err, "failed to mkdir %s", s)
- }
- }
- dummyBase := "d"
- lowerDummy := filepath.Join(lower, dummyBase)
- if err := ioutil.WriteFile(lowerDummy, []byte{}, 0600); err != nil {
- return errors.Wrapf(err, "failed to create a dummy lower file %s", lowerDummy)
- }
- // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286
- lowerEscaped := strings.ReplaceAll(lower, ":", "\\:")
- mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work)
- if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil {
- return err
- }
- mergedDummy := filepath.Join(merged, dummyBase)
- if err := os.Remove(mergedDummy); err != nil {
- syscall.Unmount(merged, 0)
- return errors.Wrapf(err, "failed to unlink %s", mergedDummy)
- }
- if err := syscall.Unmount(merged, 0); err != nil {
- return errors.Wrapf(err, "failed to unmount %s", merged)
- }
- upperDummy := filepath.Join(upper, dummyBase)
- if err := isChar0(upperDummy); err != nil {
- return err
- }
- if err := os.Rename(upperDummy, cleansedOriginalPath); err != nil {
- return errors.Wrapf(err, "failed to rename %s to %s", upperDummy, cleansedOriginalPath)
- }
- return nil
-}
-
-func isChar0(path string) error {
- osStat, err := os.Stat(path)
- if err != nil {
- return errors.Wrapf(err, "failed to stat %s", path)
- }
- st, ok := osStat.Sys().(*syscall.Stat_t)
- if !ok {
- return errors.Errorf("got unsupported stat for %s", path)
- }
- if os.FileMode(st.Mode)&syscall.S_IFMT != syscall.S_IFCHR {
- return errors.Errorf("%s is not a character device, got mode=%d", path, st.Mode)
- }
- if st.Rdev != 0 {
- return errors.Errorf("%s is not a 0,0 character device, got Rdev=%d", path, st.Rdev)
- }
- return nil
-}
-
-// replaceDirWithOverlayOpaque replaces path with a new directory with trusted.overlay.opaque
-// xattr. The contents of the directory are preserved.
-func replaceDirWithOverlayOpaque(path string) error {
- if path == "/" {
- return errors.New("replaceDirWithOverlayOpaque: path must not be \"/\"")
- }
- dir := filepath.Dir(path)
- tmp, err := ioutil.TempDir(dir, "rdwoo")
- if err != nil {
- return errors.Wrapf(err, "failed to create a tmp directory under %s", dir)
- }
- defer os.RemoveAll(tmp)
- // newPath is a new empty directory crafted with trusted.overlay.opaque xattr.
- // we copy the content of path into newPath, remove path, and rename newPath to path.
- newPath, err := createDirWithOverlayOpaque(tmp)
- if err != nil {
- return errors.Wrapf(err, "createDirWithOverlayOpaque(%q) failed", tmp)
- }
- if err := fs.CopyDir(newPath, path); err != nil {
- return errors.Wrapf(err, "CopyDir(%q, %q) failed", newPath, path)
- }
- if err := os.RemoveAll(path); err != nil {
- return err
- }
- return os.Rename(newPath, path)
-}
-
-// createDirWithOverlayOpaque creates a directory with trusted.overlay.opaque xattr,
-// without calling setxattr, so as to allow creating opaque dir in userns on Ubuntu.
-func createDirWithOverlayOpaque(tmp string) (string, error) {
- lower := filepath.Join(tmp, "l")
- upper := filepath.Join(tmp, "u")
- work := filepath.Join(tmp, "w")
- merged := filepath.Join(tmp, "m")
- for _, s := range []string{lower, upper, work, merged} {
- if err := os.MkdirAll(s, 0700); err != nil {
- return "", errors.Wrapf(err, "failed to mkdir %s", s)
- }
- }
- dummyBase := "d"
- lowerDummy := filepath.Join(lower, dummyBase)
- if err := os.MkdirAll(lowerDummy, 0700); err != nil {
- return "", errors.Wrapf(err, "failed to create a dummy lower directory %s", lowerDummy)
- }
- // lowerdir needs ":" to be escaped: https://github.com/moby/moby/issues/40939#issuecomment-627098286
- lowerEscaped := strings.ReplaceAll(lower, ":", "\\:")
- mOpts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lowerEscaped, upper, work)
- if err := mount.Mount("overlay", merged, "overlay", mOpts); err != nil {
- return "", err
- }
- mergedDummy := filepath.Join(merged, dummyBase)
- if err := os.Remove(mergedDummy); err != nil {
- syscall.Unmount(merged, 0)
- return "", errors.Wrapf(err, "failed to rmdir %s", mergedDummy)
- }
- // upperDummy becomes a 0,0-char device file here
- if err := os.Mkdir(mergedDummy, 0700); err != nil {
- syscall.Unmount(merged, 0)
- return "", errors.Wrapf(err, "failed to mkdir %s", mergedDummy)
- }
- // upperDummy becomes a directory with trusted.overlay.opaque xattr
- // (but can't be verified in userns)
- if err := syscall.Unmount(merged, 0); err != nil {
- return "", errors.Wrapf(err, "failed to unmount %s", merged)
- }
- upperDummy := filepath.Join(upper, dummyBase)
- return upperDummy, nil
-}
diff --git a/vendor/github.com/docker/docker/pkg/archive/archive_other.go b/vendor/github.com/docker/docker/pkg/archive/archive_other.go
index 65a73354c..2a3dc9539 100644
--- a/vendor/github.com/docker/docker/pkg/archive/archive_other.go
+++ b/vendor/github.com/docker/docker/pkg/archive/archive_other.go
@@ -2,6 +2,6 @@
package archive // import "github.com/docker/docker/pkg/archive"
-func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) tarWhiteoutConverter {
- return nil
+func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) {
+ return nil, nil
}