1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/pkg/idtools/utils_unix.go

32 lines
780 B
Go
Raw Normal View History

// +build !windows
package idtools // import "github.com/docker/docker/pkg/idtools"
import (
"fmt"
"os/exec"
"path/filepath"
)
func resolveBinary(binname string) (string, error) {
binaryPath, err := exec.LookPath(binname)
if err != nil {
return "", err
}
resolvedPath, err := filepath.EvalSymlinks(binaryPath)
if err != nil {
return "", err
}
// only return no error if the final resolved binary basename
// matches what was searched for
if filepath.Base(resolvedPath) == binname {
return resolvedPath, nil
}
return "", fmt.Errorf("Binary %q does not resolve to a binary of that name in $PATH (%q)", binname, resolvedPath)
}
pkg/idtools: refactor to avoid string-splitting The package used a lot of string-formatting, followed by string-splitting. This looked to originate from attempts to use templating to allow future extensibility (9a3ab0358ecd657e3754677ff52250fd6cca4422). Looking at the history of the package, only a single update was made to these templates, 5 years go, which makes it unlikely that more templating will be needed. This patch simplifies the handling of arguments to use `[]string` instead of a single `string` (and splitting to a `[]string`). This both simplifies the code somewhat, and prevents user/group-names containing spaces to be splitted (causing, e.g. `getent` to fail). Note that user/group-names containing spaces are invalid (or at least discouraged), there are situations where such names may be used, so we should avoid breaking on such names. Before this change, a user/group name with a space in its name would fail; dockerd --userns-remap="user:domain users" INFO[2020-08-19T10:26:59.288868661+02:00] Starting up Error during groupname lookup for "domain users": getent unable to find entry "domain" in group database With this change: # Add some possibly problematic usernames for testing # need to do this manually, as `adduser` / `useradd` won't accept these names echo 'user name:x:1002:1002::/home/one:/bin/false' >> /etc/passwd; \ echo 'user name:x:1002:' >> /etc/group; \ echo 'user name:1266401166:65536' >> /etc/subuid; \ echo 'user name:1266401153:65536' >> /etc/subgid; \ echo 'user$HOME:x:1003:1003::/home/one:/bin/false' >> /etc/passwd; \ echo 'user$HOME:x:1003:' >> /etc/group; \ echo 'user$HOME:1266401166:65536' >> /etc/subuid; \ echo 'user$HOME:1266401153:65536' >> /etc/subgid; \ echo 'user'"'"'name:x:1004:1004::/home/one:/bin/false' >> /etc/passwd; \ echo 'user'"'"'name:x:1004:' >> /etc/group; \ echo 'user'"'"'name:1266401166:65536' >> /etc/subuid; \ echo 'user'"'"'name:1266401153:65536' >> /etc/subgid; \ echo 'user"name:x:1005:1005::/home/one:/bin/false' >> /etc/passwd; \ echo 'user"name:x:1005:' >> /etc/group; \ echo 'user"name:1266401166:65536' >> /etc/subuid; \ echo 'user"name:1266401153:65536' >> /etc/subgid; # Start the daemon using those users dockerd --userns-remap="user name:user name" dockerd --userns-remap='user$HOME:user$HOME' dockerd --userns-remap="user'name":"user'name" dockerd --userns-remap='user"name':'user"name' Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-08-20 04:40:06 -04:00
func execCmd(cmd string, arg ...string) ([]byte, error) {
execCmd := exec.Command(cmd, arg...)
return execCmd.CombinedOutput()
}