kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Fix ZFS permissions bug with user namespaces

Browse source 
Fix root directory of the mountpoint being owned by real root. This is
unique to ZFS because of the way file mountpoints are created using the
ZFS tooling, and the remapping that happens at layer unpack doesn't
impact this root (already created) holding directory for the layer.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
This commit is contained in:
Phil Estes 2016-02-05 14:37:33 -05:00
parent 1573960dca
commit aef0995b02
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
daemon/graphdriver/zfs/zfs.go
View file

@ -308,10 +308,14 @@ func (d *Driver) Get(id, mountLabel string) (string, error) {
return "", err return "", err
} }
err = mount.Mount(filesystem, mountpoint, "zfs", options) if err := mount.Mount(filesystem, mountpoint, "zfs", options); err != nil {
if err != nil {
return "", fmt.Errorf("error creating zfs mount of %s to %s: %v", filesystem, mountpoint, err) return "", fmt.Errorf("error creating zfs mount of %s to %s: %v", filesystem, mountpoint, err)
} }
// this could be our first mount after creation of the filesystem, and the root dir may still have root
// permissions instead of the remapped root uid:gid (if user namespaces are enabled):
if err := os.Chown(mountpoint, rootUID, rootGID); err != nil {
return "", fmt.Errorf("error modifying zfs mountpoint (%s) directory ownership: %v", mountpoint, err)
}
return mountpoint, nil return mountpoint, nil
} }