1. docker
  2. Commit 6f084f292932c464a30b56edb9edbe238bdcf0aa
Browse code

Fix FIFO, sockets and device files when run in user NS

commit 617c352e9225 "Don't create devices if in a user namespace"

introduced check, which meant to skip mknod operation when run
in user namespace, but instread skipped FIFO and socket files
copy.

Signed-off-by: Maxim Ivanov <ivanov.maxim@gmail.com>

Maxim Ivanov authored on 2018/04/01 20:16:04
Showing 1 changed files
daemon/graphdriver/copy/copy.go
History View file @ 6f084f2
... ... 
@@ -189,15 +189,15 @@ func DirCopy(srcDir, dstDir string, copyMode Mode, copyXattrs bool) error {
189 189 
 		case os.ModeNamedPipe:
190 190 
 			fallthrough
191 191 
 		case os.ModeSocket:
192 
-			if rsystem.RunningInUserNS() {
193 
-				// cannot create a device if running in user namespace
194 
-				return nil
195 
-			}
196 192 
 			if err := unix.Mkfifo(dstPath, stat.Mode); err != nil {
197 193 
 				return err
198 194 
 			}
199 195
200 196 
 		case os.ModeDevice:
197 
+			if rsystem.RunningInUserNS() {
198 
+				// cannot create a device if running in user namespace
199 
+				return nil
200 
+			}
201 201 
 			if err := unix.Mknod(dstPath, stat.Mode, int(stat.Rdev)); err != nil {
202 202 
 				return err
203 203 
 			}