Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
| ... | ... |
@@ -228,7 +228,7 @@ func (daemon *Daemon) create(ctx context.Context, daemonCfg *config.Config, opts |
| 228 | 228 |
ctr.ImageManifest = imgManifest |
| 229 | 229 |
|
| 230 | 230 |
// Set RWLayer for container after mount labels have been set |
| 231 |
- rwLayer, err := daemon.imageService.CreateLayer(ctr, setupInitLayer(daemon.idMapping)) |
|
| 231 |
+ rwLayer, err := daemon.imageService.CreateLayer(ctr, setupInitLayer(daemon.idMapping.RootPair())) |
|
| 232 | 232 |
if err != nil {
|
| 233 | 233 |
return nil, errdefs.System(err) |
| 234 | 234 |
} |
| ... | ... |
@@ -41,7 +41,6 @@ import ( |
| 41 | 41 |
"github.com/docker/docker/libnetwork/options" |
| 42 | 42 |
lntypes "github.com/docker/docker/libnetwork/types" |
| 43 | 43 |
"github.com/docker/docker/opts" |
| 44 |
- "github.com/docker/docker/pkg/idtools" |
|
| 45 | 44 |
"github.com/docker/docker/pkg/sysinfo" |
| 46 | 45 |
"github.com/docker/docker/runconfig" |
| 47 | 46 |
volumemounts "github.com/docker/docker/volume/mounts" |
| ... | ... |
@@ -1256,10 +1255,9 @@ func removeDefaultBridgeInterface() {
|
| 1256 | 1256 |
} |
| 1257 | 1257 |
} |
| 1258 | 1258 |
|
| 1259 |
-func setupInitLayer(idMapping user.IdentityMapping) func(string) error {
|
|
| 1259 |
+func setupInitLayer(uid int, gid int) func(string) error {
|
|
| 1260 | 1260 |
return func(initPath string) error {
|
| 1261 |
- uid, gid := idMapping.RootPair() |
|
| 1262 |
- return initlayer.Setup(initPath, idtools.Identity{UID: uid, GID: gid})
|
|
| 1261 |
+ return initlayer.Setup(initPath, uid, gid) |
|
| 1263 | 1262 |
} |
| 1264 | 1263 |
} |
| 1265 | 1264 |
|
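Review bot: `setupInitLayer(uid int, gid int)` now takes two adjacent parameters of the same type where the removed code built `idtools.Identity{UID: uid, GID: gid}` with named fields, so a call site that swaps the two still compiles and would chown the init-layer paths to the wrong owner. The same applies to the new `Setup(initLayerFs string, uid int, gid int)` and to the plugin manager's `initlayer.Setup(rootFS, 0, 0)`, where the bare literals no longer say which is which. The function has no doc comment, so I would add one that pins the order, e.g. `// setupInitLayer returns a callback that runs initlayer.Setup on the given path with uid and gid, in that order, as the owner.`, and write the signature as `func setupInitLayer(uid, gid int) func(string) error`. The values appear to come from `daemon.idMapping.RootPair()` in the create path; the comment could say so once that is confirmed for every caller.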
| ... | ... |
@@ -56,7 +56,7 @@ func (daemon *Daemon) parseSecurityOpt(daemonCfg *config.Config, securityOptions |
| 56 | 56 |
return nil |
| 57 | 57 |
} |
| 58 | 58 |
|
| 59 |
-func setupInitLayer(idMapping user.IdentityMapping) func(string) error {
|
|
| 59 |
+func setupInitLayer(uid int, gid int) func(string) error {
|
|
| 60 | 60 |
return nil |
| 61 | 61 |
} |
| 62 | 62 |
|
| ... | ... |
@@ -7,7 +7,6 @@ import ( |
| 7 | 7 |
"path/filepath" |
| 8 | 8 |
"strings" |
| 9 | 9 |
|
| 10 |
- "github.com/docker/docker/pkg/idtools" |
|
| 11 | 10 |
"github.com/moby/sys/user" |
| 12 | 11 |
"golang.org/x/sys/unix" |
| 13 | 12 |
) |
| ... | ... |
@@ -17,7 +16,7 @@ import ( |
| 17 | 17 |
// |
| 18 | 18 |
// This extra layer is used by all containers as the top-most ro layer. It protects |
| 19 | 19 |
// the container from unwanted side-effects on the rw layer. |
| 20 |
-func Setup(initLayerFs string, rootIdentity idtools.Identity) error {
|
|
| 20 |
+func Setup(initLayerFs string, uid int, gid int) error {
|
|
| 21 | 21 |
// Since all paths are local to the container, we can just extract initLayerFs.Path() |
| 22 | 22 |
initLayer := initLayerFs |
| 23 | 23 |
|
| ... | ... |
@@ -42,12 +41,12 @@ func Setup(initLayerFs string, rootIdentity idtools.Identity) error {
|
| 42 | 42 |
|
| 43 | 43 |
if _, err := os.Stat(filepath.Join(initLayer, pth)); err != nil {
|
| 44 | 44 |
if os.IsNotExist(err) {
|
| 45 |
- if err := user.MkdirAllAndChown(filepath.Join(initLayer, filepath.Dir(pth)), 0o755, rootIdentity.UID, rootIdentity.GID, user.WithOnlyNew); err != nil {
|
|
| 45 |
+ if err := user.MkdirAllAndChown(filepath.Join(initLayer, filepath.Dir(pth)), 0o755, uid, gid, user.WithOnlyNew); err != nil {
|
|
| 46 | 46 |
return err |
| 47 | 47 |
} |
| 48 | 48 |
switch typ {
|
| 49 | 49 |
case "dir": |
| 50 |
- if err := user.MkdirAllAndChown(filepath.Join(initLayer, pth), 0o755, rootIdentity.UID, rootIdentity.GID, user.WithOnlyNew); err != nil {
|
|
| 50 |
+ if err := user.MkdirAllAndChown(filepath.Join(initLayer, pth), 0o755, uid, gid, user.WithOnlyNew); err != nil {
|
|
| 51 | 51 |
return err |
| 52 | 52 |
} |
| 53 | 53 |
case "file": |
| ... | ... |
@@ -55,7 +54,7 @@ func Setup(initLayerFs string, rootIdentity idtools.Identity) error {
|
| 55 | 55 |
if err != nil {
|
| 56 | 56 |
return err |
| 57 | 57 |
} |
| 58 |
- f.Chown(rootIdentity.UID, rootIdentity.GID) |
|
| 58 |
+ f.Chown(uid, gid) |
|
| 59 | 59 |
f.Close() |
| 60 | 60 |
default: |
| 61 | 61 |
if err := os.Symlink(typ, filepath.Join(initLayer, pth)); err != nil {
|
| ... | ... |
@@ -13,7 +13,6 @@ import ( |
| 13 | 13 |
"github.com/docker/docker/api/types" |
| 14 | 14 |
"github.com/docker/docker/daemon/initlayer" |
| 15 | 15 |
"github.com/docker/docker/errdefs" |
| 16 |
- "github.com/docker/docker/pkg/idtools" |
|
| 17 | 16 |
"github.com/docker/docker/pkg/plugins" |
| 18 | 17 |
"github.com/docker/docker/pkg/stringid" |
| 19 | 18 |
v2 "github.com/docker/docker/plugin/v2" |
| ... | ... |
@@ -55,7 +54,7 @@ func (pm *Manager) enable(p *v2.Plugin, c *controller, force bool) error {
|
| 55 | 55 |
} |
| 56 | 56 |
|
| 57 | 57 |
rootFS := filepath.Join(pm.config.Root, p.PluginObj.ID, rootFSFileName) |
| 58 |
- if err := initlayer.Setup(rootFS, idtools.Identity{UID: 0, GID: 0}); err != nil {
|
|
| 58 |
+ if err := initlayer.Setup(rootFS, 0, 0); err != nil {
|
|
| 59 | 59 |
return errors.WithStack(err) |
| 60 | 60 |
} |
| 61 | 61 |
|