mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Docker should use /var/lib/container/tmp for large temporary files.
/tmp is often a tmpfs file system and large temporary files could cause docker commands to fail. Also using /tmp potentially allows users on the system to get access to content, or even attack the content. Moving the tmpdir to /var/lib/container/tmp will protect the data. Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan) Conflicts: docker/docker.go
This commit is contained in:
Dan Walsh
parent
8f4b477c32
commit
b4813f2841
4 changed files with 37 additions and 5 deletions
18
utils/tmpdir_unix.go
Normal file
18
utils/tmpdir_unix.go
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
// +build darwin dragonfly freebsd linux netbsd openbsd
|
||||
|
||||
package utils
|
||||
|
||||
import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
)
|
||||
|
||||
// TempDir returns the default directory to use for temporary files.
|
||||
func TempDir(rootDir string) (string, error) {
|
||||
var tmpDir string
|
||||
if tmpDir = os.Getenv("DOCKER_TMPDIR"); tmpDir == "" {
|
||||
tmpDir = filepath.Join(rootDir, "tmp")
|
||||
}
|
||||
err := os.MkdirAll(tmpDir, 0700)
|
||||
return tmpDir, err
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue