kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/daemon/volumes_windows.go
Salahuddin Khan 763d839261 Add ADD/COPY --chown flag support to Windows 
This implements chown support on Windows. Built-in accounts as well
as accounts included in the SAM database of the container are supported.

NOTE: IDPair is now named Identity and IDMappings is now named
IdentityMapping.

The following are valid examples:
ADD --chown=Guest . <some directory>
COPY --chown=Administrator . <some directory>
COPY --chown=Guests . <some directory>
COPY --chown=ContainerUser . <some directory>

On Windows an owner is only granted the permission to read the security
descriptor and read/write the discretionary access control list. This
fix also grants read/write and execute permissions to the owner.

Signed-off-by: Salahuddin Khan <salah@docker.com>
2018-08-13 21:59:11 -07:00

51 lines
1.5 KiB
Go
Raw Blame History

package daemon // import "github.com/docker/docker/daemon"
import (
"sort"
"github.com/docker/docker/api/types/mount"
"github.com/docker/docker/container"
"github.com/docker/docker/pkg/idtools"
volumemounts "github.com/docker/docker/volume/mounts"
)
// setupMounts configures the mount points for a container by appending each
// of the configured mounts on the container to the OCI mount structure
// which will ultimately be passed into the oci runtime during container creation.
// It also ensures each of the mounts are lexicographically sorted.
// BUGBUG TODO Windows containerd. This would be much better if it returned
// an array of runtime spec mounts, not container mounts. Then no need to
// do multiple transitions.
func (daemon *Daemon) setupMounts(c *container.Container) ([]container.Mount, error) {
var mnts []container.Mount
for _, mount := range c.MountPoints { // type is volumemounts.MountPoint
if err := daemon.lazyInitializeVolume(c.ID, mount); err != nil {
return nil, err
}
s, err := mount.Setup(c.MountLabel, idtools.Identity{}, nil)
if err != nil {
return nil, err
}
mnts = append(mnts, container.Mount{
Source: s,
Destination: mount.Destination,
Writable: mount.RW,
})
}
sort.Sort(mounts(mnts))
return mnts, nil
}
// setBindModeIfNull is platform specific processing which is a no-op on
// Windows.
func setBindModeIfNull(bind *volumemounts.MountPoint) {
return
}
func (daemon *Daemon) validateBindDaemonRoot(m mount.Mount) (bool, error) {
return false, nil
}
View git blame Copy permalink