toolshed/docker-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix overlay and user namespace permissions

Browse Source 
All underlay dirs need proper remapped ownership. This bug was masked by the
fact that the setupInitLayer code was chown'ing the dirs at startup
time. Since that bug is now fixed, it revealed this permissions issue.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Upstream-commit: 191cefbaca45ba86341379d09d2f75d5fc1868fb
Component: engine
This commit is contained in:
Phil Estes
2015-12-08 14:28:28 -05:00
parent 6b0cda08d9
commit 6021acc699
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
components/engine/daemon/graphdriver/overlay/overlay.go
View File

@ -270,10 +270,10 @@ func (d *Driver) Create(id, parent, mountLabel string) (retErr error) {
parentRoot := path.Join(parentDir, "root")
if s, err := os.Lstat(parentRoot); err == nil {
if err := os.Mkdir(path.Join(dir, "upper"), s.Mode()); err != nil {
if err := idtools.MkdirAs(path.Join(dir, "upper"), s.Mode(), rootUID, rootGID); err != nil {
return err
}
if err := os.Mkdir(path.Join(dir, "work"), 0700); err != nil {
if err := idtools.MkdirAs(path.Join(dir, "work"), 0700, rootUID, rootGID); err != nil {
return err
}
if err := idtools.MkdirAs(path.Join(dir, "merged"), 0700, rootUID, rootGID); err != nil {
@ -303,10 +303,10 @@ func (d *Driver) Create(id, parent, mountLabel string) (retErr error) {
}
upperDir := path.Join(dir, "upper")
if err := os.Mkdir(upperDir, s.Mode()); err != nil {
if err := idtools.MkdirAs(upperDir, s.Mode(), rootUID, rootGID); err != nil {
return err
}
if err := os.Mkdir(path.Join(dir, "work"), 0700); err != nil {
if err := idtools.MkdirAs(path.Join(dir, "work"), 0700, rootUID, rootGID); err != nil {
return err
}
if err := idtools.MkdirAs(path.Join(dir, "merged"), 0700, rootUID, rootGID); err != nil {