Merge pull request #41293 from thaJeztah/19.03_backport_fix_getexecuser

[19.03 backport] oci: correctly use user.GetExecUser interface
author: Tianon Gravi <admwiggin@gmail.com> 2020-09-25 18:35:14 -0700
committer: GitHub <noreply@github.com> 2020-09-25 18:35:14 -0700
commit: 88623e101cbcbacce553b40ed0a5734171227151 (patch)
tree: 0f2a9dbd19adcb060027451cb3124254dba0a9e9
parent: 705762f23c09d4ac3ee485519571cd1e8db51ed3 (diff)
parent: 83baeafc3c4eaedc41efb47061eb530651d8ce04 (diff)
download: docker-88623e101cbcbacce553b40ed0a5734171227151.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go
index 2577dca99a..1510f777a2 100644
--- a/daemon/oci_linux.go
+++ b/daemon/oci_linux.go
@@ -157,7 +157,14 @@ func readUserFile(c *container.Container, p string) (io.ReadCloser, error) {
 	if err != nil {
 		return nil, err
 	}
-	return os.Open(fp)
+	fh, err := os.Open(fp)
+	if err != nil {
+		// This is needed because a nil *os.File is different to a nil
+		// io.ReadCloser and this causes GetExecUser to not detect that the
+		// container file is missing.
+		return nil, err
+	}
+	return fh, nil
 }
 
 func getUser(c *container.Container, username string) (uint32, uint32, []uint32, error) {
author	Tianon Gravi <admwiggin@gmail.com>	2020-09-25 18:35:14 -0700
committer	GitHub <noreply@github.com>	2020-09-25 18:35:14 -0700
commit	88623e101cbcbacce553b40ed0a5734171227151 (patch)
tree	0f2a9dbd19adcb060027451cb3124254dba0a9e9
parent	705762f23c09d4ac3ee485519571cd1e8db51ed3 (diff)
parent	83baeafc3c4eaedc41efb47061eb530651d8ce04 (diff)
download	docker-88623e101cbcbacce553b40ed0a5734171227151.tar.gz