1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Change owner only on copied content

Fixes #5110
Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
This commit is contained in:
LK4D4 2014-04-09 18:21:22 +04:00 committed by Alexandr Morozov
parent ddd0470ed1
commit 91b7d8ebd3
15 changed files with 185 additions and 6 deletions

View file

@ -418,6 +418,9 @@ func Untar(archive io.Reader, dest string, options *TarOptions) error {
// the layer is also a directory. Then we want to merge them (i.e. // the layer is also a directory. Then we want to merge them (i.e.
// just apply the metadata from the layer). // just apply the metadata from the layer).
if fi, err := os.Lstat(path); err == nil { if fi, err := os.Lstat(path); err == nil {
if fi.IsDir() && hdr.Name == "." {
continue
}
if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) { if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) {
if err := os.RemoveAll(path); err != nil { if err := os.RemoveAll(path); err != nil {
return err return err

View file

@ -0,0 +1,10 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN mkdir /exists
RUN touch /exists/exists_file
RUN chown -R dockerio.dockerio /exists
ADD test_dir/ /exists/
RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]

View file

@ -0,0 +1,8 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN touch /exists
RUN chown dockerio.dockerio exists
ADD test_dir /
RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]

View file

@ -0,0 +1,10 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN mkdir /exists
RUN touch /exists/exists_file
RUN chown -R dockerio.dockerio /exists
ADD test_file /exists/
RUN [ $(ls -l / | grep exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]
RUN [ $(ls -l /exists/test_file | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio' ]

View file

@ -0,0 +1,9 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN touch /exists
RUN chown dockerio.dockerio /exists
ADD test_file /test_dir/
RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]

View file

@ -0,0 +1,8 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN touch /exists
RUN chown dockerio.dockerio /exists
ADD test_file /
RUN [ $(ls -l /test_file | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]

View file

@ -0,0 +1,9 @@
FROM busybox
RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
RUN echo 'dockerio:x:1001:' >> /etc/group
RUN touch /exists
RUN chown dockerio.dockerio exists
ADD test_dir /test_dir
RUN [ $(ls -l / | grep test_dir | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /test_dir/test_file | awk '{print $3":"$4}') = 'root:root' ]
RUN [ $(ls -l /exists | awk '{print $3":"$4}') = 'dockerio:dockerio' ]

View file

@ -23,6 +23,102 @@ func TestBuildSixtySteps(t *testing.T) {
logDone("build - build an image with sixty build steps") logDone("build - build an image with sixty build steps")
} }
func TestAddSingleFileToRoot(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "SingleFileToRoot")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add single file to root")
}
func TestAddSingleFileToExistDir(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "SingleFileToExistDir")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add single file to existing dir")
}
func TestAddSingleFileToNonExistDir(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "SingleFileToNonExistDir")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add single file to non-existing dir")
}
func TestAddDirContentToRoot(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "DirContentToRoot")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add directory contents to root")
}
func TestAddDirContentToExistDir(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "DirContentToExistDir")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add directory contents to existing dir")
}
func TestAddWholeDirToRoot(t *testing.T) {
buildDirectory := filepath.Join(workingDirectory, "build_tests", "TestAdd")
buildCmd := exec.Command(dockerBinary, "build", "-t", "testaddimg", "WholeDirToRoot")
buildCmd.Dir = buildDirectory
out, exitCode, err := runCommandWithOutput(buildCmd)
errorOut(err, t, fmt.Sprintf("build failed to complete: %v %v", out, err))
if err != nil || exitCode != 0 {
t.Fatal("failed to build the image")
}
deleteImages("testaddimg")
logDone("build - add whole directory to root")
}
// TODO: TestCaching // TODO: TestCaching
// TODO: TestADDCacheInvalidation // TODO: TestADDCacheInvalidation

View file

@ -386,9 +386,10 @@ func (b *buildFile) checkPathForAddition(orig string) error {
func (b *buildFile) addContext(container *daemon.Container, orig, dest string, remote bool) error { func (b *buildFile) addContext(container *daemon.Container, orig, dest string, remote bool) error {
var ( var (
err error err error
origPath = path.Join(b.contextPath, orig) destExists = true
destPath = path.Join(container.RootfsPath(), dest) origPath = path.Join(b.contextPath, orig)
destPath = path.Join(container.RootfsPath(), dest)
) )
if destPath != container.RootfsPath() { if destPath != container.RootfsPath() {
@ -402,6 +403,14 @@ func (b *buildFile) addContext(container *daemon.Container, orig, dest string, r
if strings.HasSuffix(dest, "/") { if strings.HasSuffix(dest, "/") {
destPath = destPath + "/" destPath = destPath + "/"
} }
destStat, err := os.Stat(destPath)
if err != nil {
if os.IsNotExist(err) {
destExists = false
} else {
return err
}
}
fi, err := os.Stat(origPath) fi, err := os.Stat(origPath)
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {
@ -423,8 +432,20 @@ func (b *buildFile) addContext(container *daemon.Container, orig, dest string, r
if err := archive.CopyWithTar(origPath, destPath); err != nil { if err := archive.CopyWithTar(origPath, destPath); err != nil {
return err return err
} }
if err := chownR(destPath, 0, 0); err != nil { if destExists {
return err files, err := ioutil.ReadDir(origPath)
if err != nil {
return err
}
for _, file := range files {
if err := chownR(filepath.Join(destPath, file.Name()), 0, 0); err != nil {
return err
}
}
} else {
if err := chownR(destPath, 0, 0); err != nil {
return err
}
} }
return nil return nil
} }
@ -456,7 +477,12 @@ func (b *buildFile) addContext(container *daemon.Container, orig, dest string, r
return err return err
} }
if err := chownR(destPath, 0, 0); err != nil { resPath := destPath
if destExists && destStat.IsDir() {
resPath = path.Join(destPath, path.Base(origPath))
}
if err := chownR(resPath, 0, 0); err != nil {
return err return err
} }
return nil return nil