2018-02-05 16:05:59 -05:00
|
|
|
package chrootarchive // import "github.com/docker/docker/pkg/chrootarchive"
|
2014-10-29 15:06:51 -04:00
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"io"
|
2019-07-25 10:24:39 -04:00
|
|
|
"net"
|
2014-10-29 15:06:51 -04:00
|
|
|
"os"
|
2019-07-25 10:24:39 -04:00
|
|
|
"os/user"
|
2014-12-08 16:19:24 -05:00
|
|
|
"path/filepath"
|
2014-10-29 15:06:51 -04:00
|
|
|
|
|
|
|
"github.com/docker/docker/pkg/archive"
|
2015-10-14 14:35:48 -04:00
|
|
|
"github.com/docker/docker/pkg/idtools"
|
2014-10-29 15:06:51 -04:00
|
|
|
)
|
|
|
|
|
2019-07-25 10:24:39 -04:00
|
|
|
func init() {
|
|
|
|
// initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host
|
|
|
|
// environment not in the chroot from untrusted files.
|
|
|
|
_, _ = user.Lookup("docker")
|
|
|
|
_, _ = net.LookupHost("localhost")
|
|
|
|
}
|
|
|
|
|
2017-05-24 11:53:41 -04:00
|
|
|
// NewArchiver returns a new Archiver which uses chrootarchive.Untar
|
2022-03-14 15:24:29 -04:00
|
|
|
func NewArchiver(idMapping idtools.IdentityMapping) *archive.Archiver {
|
2017-08-03 20:22:00 -04:00
|
|
|
return &archive.Archiver{
|
2017-11-16 01:20:33 -05:00
|
|
|
Untar: Untar,
|
|
|
|
IDMapping: idMapping,
|
2017-08-03 20:22:00 -04:00
|
|
|
}
|
2017-05-24 11:53:41 -04:00
|
|
|
}
|
2014-12-08 16:14:56 -05:00
|
|
|
|
2015-06-16 05:51:27 -04:00
|
|
|
// Untar reads a stream of bytes from `archive`, parses it as a tar archive,
|
|
|
|
// and unpacks it into the directory at `dest`.
|
|
|
|
// The archive may be compressed with one of the following algorithms:
|
2022-07-08 12:27:07 -04:00
|
|
|
// identity (uncompressed), gzip, bzip2, xz.
|
2014-12-08 16:14:56 -05:00
|
|
|
func Untar(tarArchive io.Reader, dest string, options *archive.TarOptions) error {
|
2019-05-30 14:15:09 -04:00
|
|
|
return untarHandler(tarArchive, dest, options, true, dest)
|
|
|
|
}
|
|
|
|
|
|
|
|
// UntarWithRoot is the same as `Untar`, but allows you to pass in a root directory
|
|
|
|
// The root directory is the directory that will be chrooted to.
|
|
|
|
// `dest` must be a path within `root`, if it is not an error will be returned.
|
|
|
|
//
|
|
|
|
// `root` should set to a directory which is not controlled by any potentially
|
|
|
|
// malicious process.
|
|
|
|
//
|
|
|
|
// This should be used to prevent a potential attacker from manipulating `dest`
|
|
|
|
// such that it would provide access to files outside of `dest` through things
|
|
|
|
// like symlinks. Normally `ResolveSymlinksInScope` would handle this, however
|
|
|
|
// sanitizing symlinks in this manner is inherrently racey:
|
|
|
|
// ref: CVE-2018-15664
|
|
|
|
func UntarWithRoot(tarArchive io.Reader, dest string, options *archive.TarOptions, root string) error {
|
|
|
|
return untarHandler(tarArchive, dest, options, true, root)
|
2015-07-27 09:46:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// UntarUncompressed reads a stream of bytes from `archive`, parses it as a tar archive,
|
|
|
|
// and unpacks it into the directory at `dest`.
|
|
|
|
// The archive must be an uncompressed stream.
|
|
|
|
func UntarUncompressed(tarArchive io.Reader, dest string, options *archive.TarOptions) error {
|
2019-05-30 14:15:09 -04:00
|
|
|
return untarHandler(tarArchive, dest, options, false, dest)
|
2015-07-27 09:46:20 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Handler for teasing out the automatic decompression
|
2019-05-30 14:15:09 -04:00
|
|
|
func untarHandler(tarArchive io.Reader, dest string, options *archive.TarOptions, decompress bool, root string) error {
|
2014-12-08 16:14:56 -05:00
|
|
|
if tarArchive == nil {
|
|
|
|
return fmt.Errorf("Empty archive")
|
|
|
|
}
|
|
|
|
if options == nil {
|
|
|
|
options = &archive.TarOptions{}
|
|
|
|
}
|
2014-10-23 17:30:11 -04:00
|
|
|
if options.ExcludePatterns == nil {
|
|
|
|
options.ExcludePatterns = []string{}
|
2014-12-08 16:14:56 -05:00
|
|
|
}
|
2014-10-29 15:06:51 -04:00
|
|
|
|
2021-05-19 19:51:35 -04:00
|
|
|
// If dest is inside a root then directory is created within chroot by extractor.
|
|
|
|
// This case is only currently used by cp.
|
|
|
|
if dest == root {
|
2022-03-14 15:24:29 -04:00
|
|
|
rootIDs := options.IDMap.RootPair()
|
2015-10-14 14:35:48 -04:00
|
|
|
|
2021-05-19 19:51:35 -04:00
|
|
|
dest = filepath.Clean(dest)
|
|
|
|
if _, err := os.Stat(dest); os.IsNotExist(err) {
|
|
|
|
if err := idtools.MkdirAllAndChownNew(dest, 0755, rootIDs); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2014-10-29 15:06:51 -04:00
|
|
|
}
|
|
|
|
}
|
2015-01-29 10:28:44 -05:00
|
|
|
|
2021-08-24 06:10:50 -04:00
|
|
|
r := io.NopCloser(tarArchive)
|
2015-07-27 09:46:20 -04:00
|
|
|
if decompress {
|
|
|
|
decompressedArchive, err := archive.DecompressStream(tarArchive)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer decompressedArchive.Close()
|
|
|
|
r = decompressedArchive
|
2014-12-08 16:19:24 -05:00
|
|
|
}
|
2014-11-08 10:38:42 -05:00
|
|
|
|
2019-05-30 14:15:09 -04:00
|
|
|
return invokeUnpack(r, dest, options, root)
|
2014-10-29 15:06:51 -04:00
|
|
|
}
|
2019-05-30 17:55:52 -04:00
|
|
|
|
|
|
|
// Tar tars the requested path while chrooted to the specified root.
|
|
|
|
func Tar(srcPath string, options *archive.TarOptions, root string) (io.ReadCloser, error) {
|
|
|
|
if options == nil {
|
|
|
|
options = &archive.TarOptions{}
|
|
|
|
}
|
|
|
|
return invokePack(srcPath, options, root)
|
|
|
|
}
|