mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Add key migration to daemon
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
This commit is contained in:
Derek McGowan
parent
06af013f8b
commit
007ef161b4
2 changed files with 51 additions and 0 deletions
|
|
@ -3,6 +3,11 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
log "github.com/Sirupsen/logrus"
|
||||
"github.com/docker/docker/builder"
|
||||
"github.com/docker/docker/builtins"
|
||||
|
|
@ -14,6 +19,7 @@ import (
|
|||
flag "github.com/docker/docker/pkg/mflag"
|
||||
"github.com/docker/docker/pkg/signal"
|
||||
"github.com/docker/docker/registry"
|
||||
"github.com/docker/docker/utils"
|
||||
)
|
||||
|
||||
const CanDaemon = true
|
||||
|
|
@ -28,6 +34,38 @@ func init() {
|
|||
registryCfg.InstallFlags()
|
||||
}
|
||||
|
||||
func migrateKey() error {
|
||||
// Migrate trust key if exists at ~/.docker/key.json and owned by current user
|
||||
oldPath := filepath.Join(getHomeDir(), ".docker", defaultTrustKeyFile)
|
||||
newPath := filepath.Join(getDaemonConfDir(), defaultTrustKeyFile)
|
||||
if _, err := os.Stat(newPath); os.IsNotExist(err) && utils.IsFileOwner(oldPath) {
|
||||
if err := os.MkdirAll(getDaemonConfDir(), os.FileMode(0644)); err != nil {
|
||||
return fmt.Errorf("Unable to create daemon configuraiton directory: %s", err)
|
||||
}
|
||||
|
||||
newFile, err := os.OpenFile(newPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error creating key file %q: %s", newPath, err)
|
||||
}
|
||||
defer newFile.Close()
|
||||
|
||||
oldFile, err := os.Open(oldPath)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error opening open key file %q: %s", oldPath, err)
|
||||
}
|
||||
|
||||
if _, err := io.Copy(newFile, oldFile); err != nil {
|
||||
return fmt.Errorf("error copying key: %s", err)
|
||||
}
|
||||
|
||||
oldFile.Close()
|
||||
log.Debugf("Migrated key from %s to %s", oldPath, newPath)
|
||||
return os.Remove(oldPath)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func mainDaemon() {
|
||||
if flag.NArg() != 0 {
|
||||
flag.Usage()
|
||||
|
|
@ -36,6 +74,9 @@ func mainDaemon() {
|
|||
eng := engine.New()
|
||||
signal.Trap(eng.Shutdown)
|
||||
|
||||
if err := migrateKey(); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
daemonCfg.TrustKeyPath = *flTrustKey
|
||||
|
||||
// Load builtins
|
||||
|
|
|
|||
|
|
@ -37,3 +37,13 @@ func TreeSize(dir string) (size int64, err error) {
|
|||
})
|
||||
return
|
||||
}
|
||||
|
||||
// IsFileOwner checks whether the current user is the owner of the given file.
|
||||
func IsFileOwner(f string) bool {
|
||||
if fileInfo, err := os.Stat(f); err == nil && fileInfo != nil {
|
||||
if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok && int(stat.Uid) == os.Getuid() {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue