package daemon // import "github.com/docker/docker/daemon" import ( "os" "github.com/docker/docker/pkg/ioutils" "github.com/docker/libtrust" "github.com/google/uuid" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) // loadOrCreateID loads the engine's ID from idPath, or generates a new ID // if it doesn't exist. It returns the ID, and any error that occurred when // saving the file. // // Note that this function expects the daemon's root directory to already have // been created with the right permissions and ownership (usually this would // be done by daemon.CreateDaemonRoot(). func loadOrCreateID(idPath string) (string, error) { var id string idb, err := os.ReadFile(idPath) if os.IsNotExist(err) { id = uuid.New().String() if err := ioutils.AtomicWriteFile(idPath, []byte(id), os.FileMode(0600)); err != nil { return "", errors.Wrap(err, "error saving ID file") } } else if err != nil { return "", errors.Wrapf(err, "error loading ID file %s", idPath) } else { id = string(idb) } return id, nil } // migrateTrustKeyID migrates the daemon ID of existing installations. It returns // an error when a trust-key was found, but we failed to read it, or failed to // complete the migration. // // We migrate the ID so that engines don't get a new ID generated on upgrades, // which may be unexpected (and users may be using the ID for various purposes). func migrateTrustKeyID(deprecatedTrustKeyPath, idPath string) error { if _, err := os.Stat(idPath); err == nil { // engine ID file already exists; no migration needed return nil } trustKey, err := libtrust.LoadKeyFile(deprecatedTrustKeyPath) if err != nil { if err == libtrust.ErrKeyFileDoesNotExist { // no existing trust-key found; no migration needed return nil } return err } id := trustKey.PublicKey().KeyID() if err := ioutils.AtomicWriteFile(idPath, []byte(id), os.FileMode(0600)); err != nil { return errors.Wrap(err, "error saving ID file") } logrus.Info("successfully migrated engine ID") return nil }