diff options
author | Tianon Gravi <admwiggin@gmail.com> | 2020-09-25 18:35:14 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-25 18:35:14 -0700 |
commit | 88623e101cbcbacce553b40ed0a5734171227151 (patch) | |
tree | 0f2a9dbd19adcb060027451cb3124254dba0a9e9 | |
parent | 705762f23c09d4ac3ee485519571cd1e8db51ed3 (diff) | |
parent | 83baeafc3c4eaedc41efb47061eb530651d8ce04 (diff) | |
download | docker-88623e101cbcbacce553b40ed0a5734171227151.tar.gz |
Merge pull request #41293 from thaJeztah/19.03_backport_fix_getexecuser
[19.03 backport] oci: correctly use user.GetExecUser interface
-rw-r--r-- | daemon/oci_linux.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go index 2577dca99a..1510f777a2 100644 --- a/daemon/oci_linux.go +++ b/daemon/oci_linux.go @@ -157,7 +157,14 @@ func readUserFile(c *container.Container, p string) (io.ReadCloser, error) { if err != nil { return nil, err } - return os.Open(fp) + fh, err := os.Open(fp) + if err != nil { + // This is needed because a nil *os.File is different to a nil + // io.ReadCloser and this causes GetExecUser to not detect that the + // container file is missing. + return nil, err + } + return fh, nil } func getUser(c *container.Container, username string) (uint32, uint32, []uint32, error) { |