Merge pull request #17035 from estesp/fix-build-dir-perms

Correct build-time directory creation with user namespaced daemon Upstream-commit: ad861876e8bb86091527f31fc944205743e5ce85 Component: engine
2015-10-20 08:57:19 -07:00
parent 348b7977d8 9aebf5450b
commit db6db88cda
8 changed files with 340 additions and 41 deletions
--- a/components/engine/pkg/chrootarchive/archive.go
+++ b/components/engine/pkg/chrootarchive/archive.go
@ -8,7 +8,7 @@ import (
 	"path/filepath"

 	"github.com/docker/docker/pkg/archive"
-	"github.com/docker/docker/pkg/system"
+	"github.com/docker/docker/pkg/idtools"
 )

 var chrootArchiver = &archive.Archiver{Untar: Untar}
@ -41,9 +41,14 @@ func untarHandler(tarArchive io.Reader, dest string, options *archive.TarOptions
 		options.ExcludePatterns = []string{}
 	}

+	rootUID, rootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
+	if err != nil {
+		return err
+	}
+
 	dest = filepath.Clean(dest)
 	if _, err := os.Stat(dest); os.IsNotExist(err) {
-		if err := system.MkdirAll(dest, 0777); err != nil {
+		if err := idtools.MkdirAllNewAs(dest, 0755, rootUID, rootGID); err != nil {
 			return err
 		}
 	}