Browse code
daemon.setupPathsAndSandboxOptions() skip resolving symlinks
This came up in a review of a5324d69508c117d3ede94272041ae8fc2ad4bbf, but
for some reason that comment didn't find its way to GitHub, and/or I
forgot to push the change.
These files are "copied" by reading their content with ioutil.Readfile(),
resolving the symlinks should therefore not be needed, and paths can be
passed as-is;
```go
func copyFile(src, dst string) error {
sBytes, err := ioutil.ReadFile(src)
if err != nil {
return err
}
return ioutil.WriteFile(dst, sBytes, filePerm)
}
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn authored on 2020/08/10 19:27:24Showing 1 changed files
| ... | ... |
@@ -399,21 +399,11 @@ func (daemon *Daemon) setupPathsAndSandboxOptions(container *container.Container |
| 399 | 399 |
case container.HostConfig.NetworkMode.IsHost(): |
| 400 | 400 |
// In host-mode networking, the container does not have its own networking |
| 401 | 401 |
// namespace, so both `/etc/hosts` and `/etc/resolv.conf` should be the same |
| 402 |
- // as on the host itself. The container gets a copy of these files, but they |
|
| 403 |
- // may be symlinked, so resolve the original path first. |
|
| 404 |
- etcHosts, err := filepath.EvalSymlinks("/etc/hosts")
|
|
| 405 |
- if err != nil {
|
|
| 406 |
- return err |
|
| 407 |
- } |
|
| 408 |
- resolvConf, err := filepath.EvalSymlinks("/etc/resolv.conf")
|
|
| 409 |
- if err != nil {
|
|
| 410 |
- return err |
|
| 411 |
- } |
|
| 412 |
- |
|
| 402 |
+ // as on the host itself. The container gets a copy of these files. |
|
| 413 | 403 |
*sboxOptions = append( |
| 414 | 404 |
*sboxOptions, |
| 415 |
- libnetwork.OptionOriginHostsPath(etcHosts), |
|
| 416 |
- libnetwork.OptionOriginResolvConfPath(resolvConf), |
|
| 405 |
+ libnetwork.OptionOriginHostsPath("/etc/hosts"),
|
|
| 406 |
+ libnetwork.OptionOriginResolvConfPath("/etc/resolv.conf"),
|
|
| 417 | 407 |
) |
| 418 | 408 |
case container.HostConfig.NetworkMode.IsUserDefined(): |
| 419 | 409 |
// The container uses a user-defined network. We use the embedded DNS |
| ... | ... |
@@ -427,11 +417,10 @@ func (daemon *Daemon) setupPathsAndSandboxOptions(container *container.Container |
| 427 | 427 |
// If systemd-resolvd is used, the "upstream" DNS servers can be found in |
| 428 | 428 |
// /run/systemd/resolve/resolv.conf. We do not query those DNS servers |
| 429 | 429 |
// directly, as they can be dynamically reconfigured. |
| 430 |
- resolvConf, err := filepath.EvalSymlinks("/etc/resolv.conf")
|
|
| 431 |
- if err != nil {
|
|
| 432 |
- return err |
|
| 433 |
- } |
|
| 434 |
- *sboxOptions = append(*sboxOptions, libnetwork.OptionOriginResolvConfPath(resolvConf)) |
|
| 430 |
+ *sboxOptions = append( |
|
| 431 |
+ *sboxOptions, |
|
| 432 |
+ libnetwork.OptionOriginResolvConfPath("/etc/resolv.conf"),
|
|
| 433 |
+ ) |
|
| 435 | 434 |
default: |
| 436 | 435 |
// For other situations, such as the default bridge network, container |
| 437 | 436 |
// discovery / name resolution is handled through /etc/hosts, and no |
| ... | ... |
@@ -444,11 +433,10 @@ func (daemon *Daemon) setupPathsAndSandboxOptions(container *container.Container |
| 444 | 444 |
// DNS servers on the host can be dynamically updated. |
| 445 | 445 |
// |
| 446 | 446 |
// Copy the host's resolv.conf for the container (/run/systemd/resolve/resolv.conf or /etc/resolv.conf) |
| 447 |
- resolvConf, err := filepath.EvalSymlinks(daemon.configStore.GetResolvConf()) |
|
| 448 |
- if err != nil {
|
|
| 449 |
- return err |
|
| 450 |
- } |
|
| 451 |
- *sboxOptions = append(*sboxOptions, libnetwork.OptionOriginResolvConfPath(resolvConf)) |
|
| 447 |
+ *sboxOptions = append( |
|
| 448 |
+ *sboxOptions, |
|
| 449 |
+ libnetwork.OptionOriginResolvConfPath(daemon.configStore.GetResolvConf()), |
|
| 450 |
+ ) |
|
| 452 | 451 |
} |
| 453 | 452 |
|
| 454 | 453 |
container.HostsPath, err = container.GetRootResourcePath("hosts")
|