Browse code
Fix ownership of non-existing parent dir
During "COPY" or other tar unpack operations, a target/destination
parent dir might not exist and should be created with ownership of the
root in the right context (including remapped root when user namespaces
are enabled)
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Phil Estes authored on 2016/02/27 11:50:50Showing 2 changed files
| ... | ... |
@@ -824,6 +824,26 @@ RUN [ $(ls -l /exists/exists_file | awk '{print $3":"$4}') = 'dockerio:dockerio'
|
| 824 | 824 |
} |
| 825 | 825 |
} |
| 826 | 826 |
|
| 827 |
+func (s *DockerSuite) TestBuildCopyToNewParentDirectory(c *check.C) {
|
|
| 828 |
+ testRequires(c, DaemonIsLinux) // Linux specific test |
|
| 829 |
+ name := "testcopytonewdir" |
|
| 830 |
+ ctx, err := fakeContext(`FROM busybox |
|
| 831 |
+COPY test_dir /new_dir |
|
| 832 |
+RUN [ $(ls -l / | grep new_dir | awk '{print $3":"$4}') = 'root:root' ]
|
|
| 833 |
+RUN ls -l /new_dir`, |
|
| 834 |
+ map[string]string{
|
|
| 835 |
+ "test_dir/test_file": "test file", |
|
| 836 |
+ }) |
|
| 837 |
+ if err != nil {
|
|
| 838 |
+ c.Fatal(err) |
|
| 839 |
+ } |
|
| 840 |
+ defer ctx.Close() |
|
| 841 |
+ |
|
| 842 |
+ if _, err := buildImageFromContext(name, ctx, true); err != nil {
|
|
| 843 |
+ c.Fatal(err) |
|
| 844 |
+ } |
|
| 845 |
+} |
|
| 846 |
+ |
|
| 827 | 847 |
func (s *DockerSuite) TestBuildAddMultipleFilesToFile(c *check.C) {
|
| 828 | 848 |
name := "testaddmultiplefilestofile" |
| 829 | 849 |
|
| ... | ... |
@@ -660,7 +660,7 @@ loop: |
| 660 | 660 |
parent := filepath.Dir(hdr.Name) |
| 661 | 661 |
parentPath := filepath.Join(dest, parent) |
| 662 | 662 |
if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
|
| 663 |
- err = system.MkdirAll(parentPath, 0777) |
|
| 663 |
+ err = idtools.MkdirAllNewAs(parentPath, 0777, remappedRootUID, remappedRootGID) |
|
| 664 | 664 |
if err != nil {
|
| 665 | 665 |
return err |
| 666 | 666 |
} |