mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Fix secret and config mode issue
This fix tries to address the issue raised in 36042 where secret and config are not configured with the specified file mode. This fix update the file mode so that it is not impacted with umask. Additional tests have been added. This fix fixes 36042. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This commit is contained in:
parent
9368e9dac3
commit
3305221eef
1 changed files with 6 additions and 0 deletions
|
@ -239,6 +239,9 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) {
|
||||||
if err := os.Chown(fPath, rootIDs.UID+uid, rootIDs.GID+gid); err != nil {
|
if err := os.Chown(fPath, rootIDs.UID+uid, rootIDs.GID+gid); err != nil {
|
||||||
return errors.Wrap(err, "error setting ownership for secret")
|
return errors.Wrap(err, "error setting ownership for secret")
|
||||||
}
|
}
|
||||||
|
if err := os.Chmod(fPath, s.File.Mode); err != nil {
|
||||||
|
return errors.Wrap(err, "error setting file mode for secret")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
label.Relabel(localMountPath, c.MountLabel, false)
|
label.Relabel(localMountPath, c.MountLabel, false)
|
||||||
|
@ -320,6 +323,9 @@ func (daemon *Daemon) setupConfigDir(c *container.Container) (setupErr error) {
|
||||||
if err := os.Chown(fPath, rootIDs.UID+uid, rootIDs.GID+gid); err != nil {
|
if err := os.Chown(fPath, rootIDs.UID+uid, rootIDs.GID+gid); err != nil {
|
||||||
return errors.Wrap(err, "error setting ownership for config")
|
return errors.Wrap(err, "error setting ownership for config")
|
||||||
}
|
}
|
||||||
|
if err := os.Chmod(fPath, configRef.File.Mode); err != nil {
|
||||||
|
return errors.Wrap(err, "error setting file mode for config")
|
||||||
|
}
|
||||||
|
|
||||||
label.Relabel(fPath, c.MountLabel, false)
|
label.Relabel(fPath, c.MountLabel, false)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue