Skip to content

Commit

Permalink
Merge pull request docker#18436 from estesp/fix-initlayer-perms
Browse files Browse the repository at this point in the history 
Fix init layer chown of existing dir ownership
  • Loading branch information
Jess Frazelle committed Dec 4, 2015
2 parents 51b0f23 + 23b7717 commit a56f258
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 3 deletions.
6 changes: 3 additions & 3 deletions daemon/daemon_unix.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -585,21 +585,21 @@ func setupInitLayer(initLayer string, rootUID, rootGID int) error {

if _, err := os.Stat(filepath.Join(initLayer, pth)); err != nil {
if os.IsNotExist(err) {
if err := idtools.MkdirAllAs(filepath.Join(initLayer, filepath.Dir(pth)), 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAllNewAs(filepath.Join(initLayer, filepath.Dir(pth)), 0755, rootUID, rootGID); err != nil {
return err
}
switch typ {
case "dir":
if err := idtools.MkdirAllAs(filepath.Join(initLayer, pth), 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAllNewAs(filepath.Join(initLayer, pth), 0755, rootUID, rootGID); err != nil {
return err
}
case "file":
f, err := os.OpenFile(filepath.Join(initLayer, pth), os.O_CREATE, 0755)
if err != nil {
return err
}
f.Close()
f.Chown(rootUID, rootGID)
f.Close()
default:
if err := os.Symlink(typ, filepath.Join(initLayer, pth)); err != nil {
return err
Expand Down
23 changes: 23 additions & 0 deletions integration-cli/docker_cli_run_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3762,6 +3762,29 @@ func (s *DockerSuite) TestRunInvalidReference(c *check.C) {
}
}

// Test fix for issue #17854
func (s *DockerSuite) TestRunInitLayerPathOwnership(c *check.C) {
// Not applicable on Windows as it does not support Linux uid/gid ownership
testRequires(c, DaemonIsLinux)
name := "testetcfileownership"
_, err := buildImage(name,
`FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN chown dockerio:dockerio /etc`,
true)
if err != nil {
c.Fatal(err)
}

// Test that dockerio ownership of /etc is retained at runtime
out, _ := dockerCmd(c, "run", "--rm", name, "stat", "-c", "%U:%G", "/etc")
out = strings.TrimSpace(out)
if out != "dockerio:dockerio" {
c.Fatalf("Wrong /etc ownership: expected dockerio:dockerio, got %q", out)
}
}

func (s *DockerSuite) TestRunWithOomScoreAdj(c *check.C) {
testRequires(c, DaemonIsLinux)

Expand Down

0 comments on commit a56f258

Please sign in to comment.