diff options
author | Salahuddin Khan <salah@docker.com> | 2017-11-15 22:20:33 -0800 |
---|---|---|
committer | Salahuddin Khan <salah@docker.com> | 2018-08-13 21:59:11 -0700 |
commit | 763d8392612942ff5c32a35f8bdafd7ae93d3321 (patch) | |
tree | b9b90624e4d3c3e88a95b45e0f723ec74e35a3ee /volume | |
parent | 1fd7e4c28d3a4a21c3540f03a045f96a4190b527 (diff) | |
download | docker-763d8392612942ff5c32a35f8bdafd7ae93d3321.tar.gz |
Add ADD/COPY --chown flag support to Windows
This implements chown support on Windows. Built-in accounts as well
as accounts included in the SAM database of the container are supported.
NOTE: IDPair is now named Identity and IDMappings is now named
IdentityMapping.
The following are valid examples:
ADD --chown=Guest . <some directory>
COPY --chown=Administrator . <some directory>
COPY --chown=Guests . <some directory>
COPY --chown=ContainerUser . <some directory>
On Windows an owner is only granted the permission to read the security
descriptor and read/write the discretionary access control list. This
fix also grants read/write and execute permissions to the owner.
Signed-off-by: Salahuddin Khan <salah@docker.com>
Diffstat (limited to 'volume')
-rw-r--r-- | volume/local/local.go | 24 | ||||
-rw-r--r-- | volume/local/local_test.go | 18 | ||||
-rw-r--r-- | volume/mounts/mounts.go | 2 | ||||
-rw-r--r-- | volume/service/default_driver.go | 2 | ||||
-rw-r--r-- | volume/service/default_driver_stubs.go | 2 | ||||
-rw-r--r-- | volume/service/service.go | 2 | ||||
-rw-r--r-- | volume/service/service_linux_test.go | 2 |
7 files changed, 26 insertions, 26 deletions
diff --git a/volume/local/local.go b/volume/local/local.go index d97347423a..7190de9ed6 100644 --- a/volume/local/local.go +++ b/volume/local/local.go @@ -46,18 +46,18 @@ type activeMount struct { // New instantiates a new Root instance with the provided scope. Scope // is the base path that the Root instance uses to store its // volumes. The base path is created here if it does not exist. -func New(scope string, rootIDs idtools.IDPair) (*Root, error) { +func New(scope string, rootIdentity idtools.Identity) (*Root, error) { rootDirectory := filepath.Join(scope, volumesPathName) - if err := idtools.MkdirAllAndChown(rootDirectory, 0700, rootIDs); err != nil { + if err := idtools.MkdirAllAndChown(rootDirectory, 0700, rootIdentity); err != nil { return nil, err } r := &Root{ - scope: scope, - path: rootDirectory, - volumes: make(map[string]*localVolume), - rootIDs: rootIDs, + scope: scope, + path: rootDirectory, + volumes: make(map[string]*localVolume), + rootIdentity: rootIdentity, } dirs, err := ioutil.ReadDir(rootDirectory) @@ -101,11 +101,11 @@ func New(scope string, rootIDs idtools.IDPair) (*Root, error) { // manages the creation/removal of volumes. It uses only standard vfs // commands to create/remove dirs within its provided scope. type Root struct { - m sync.Mutex - scope string - path string - volumes map[string]*localVolume - rootIDs idtools.IDPair + m sync.Mutex + scope string + path string + volumes map[string]*localVolume + rootIdentity idtools.Identity } // List lists all the volumes @@ -146,7 +146,7 @@ func (r *Root) Create(name string, opts map[string]string) (volume.Volume, error } path := r.DataPath(name) - if err := idtools.MkdirAllAndChown(path, 0755, r.rootIDs); err != nil { + if err := idtools.MkdirAllAndChown(path, 0755, r.rootIdentity); err != nil { return nil, errors.Wrapf(errdefs.System(err), "error while creating volume path '%s'", path) } diff --git a/volume/local/local_test.go b/volume/local/local_test.go index 4cb47ba045..51df1a7edf 100644 --- a/volume/local/local_test.go +++ b/volume/local/local_test.go @@ -38,7 +38,7 @@ func TestRemove(t *testing.T) { } defer os.RemoveAll(rootDir) - r, err := New(rootDir, idtools.IDPair{UID: os.Geteuid(), GID: os.Getegid()}) + r, err := New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -80,7 +80,7 @@ func TestInitializeWithVolumes(t *testing.T) { } defer os.RemoveAll(rootDir) - r, err := New(rootDir, idtools.IDPair{UID: os.Geteuid(), GID: os.Getegid()}) + r, err := New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -90,7 +90,7 @@ func TestInitializeWithVolumes(t *testing.T) { t.Fatal(err) } - r, err = New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err = New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -112,7 +112,7 @@ func TestCreate(t *testing.T) { } defer os.RemoveAll(rootDir) - r, err := New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err := New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -149,7 +149,7 @@ func TestCreate(t *testing.T) { } } - r, err = New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err = New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -186,7 +186,7 @@ func TestCreateWithOpts(t *testing.T) { } defer os.RemoveAll(rootDir) - r, err := New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err := New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -261,7 +261,7 @@ func TestCreateWithOpts(t *testing.T) { t.Fatal("expected mount to still be active") } - r, err = New(rootDir, idtools.IDPair{UID: 0, GID: 0}) + r, err = New(rootDir, idtools.Identity{UID: 0, GID: 0}) if err != nil { t.Fatal(err) } @@ -283,7 +283,7 @@ func TestRelaodNoOpts(t *testing.T) { } defer os.RemoveAll(rootDir) - r, err := New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err := New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } @@ -311,7 +311,7 @@ func TestRelaodNoOpts(t *testing.T) { t.Fatal(err) } - r, err = New(rootDir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + r, err = New(rootDir, idtools.Identity{UID: os.Geteuid(), GID: os.Getegid()}) if err != nil { t.Fatal(err) } diff --git a/volume/mounts/mounts.go b/volume/mounts/mounts.go index a1c5dce1c8..63a1406814 100644 --- a/volume/mounts/mounts.go +++ b/volume/mounts/mounts.go @@ -95,7 +95,7 @@ func (m *MountPoint) Cleanup() error { // configured, or creating the source directory if supplied. // The, optional, checkFun parameter allows doing additional checking // before creating the source directory on the host. -func (m *MountPoint) Setup(mountLabel string, rootIDs idtools.IDPair, checkFun func(m *MountPoint) error) (path string, err error) { +func (m *MountPoint) Setup(mountLabel string, rootIDs idtools.Identity, checkFun func(m *MountPoint) error) (path string, err error) { if m.SkipMountpointCreation { return m.Source, nil } diff --git a/volume/service/default_driver.go b/volume/service/default_driver.go index 1c1d5c54bc..b5986ab717 100644 --- a/volume/service/default_driver.go +++ b/volume/service/default_driver.go @@ -9,7 +9,7 @@ import ( "github.com/pkg/errors" ) -func setupDefaultDriver(store *drivers.Store, root string, rootIDs idtools.IDPair) error { +func setupDefaultDriver(store *drivers.Store, root string, rootIDs idtools.Identity) error { d, err := local.New(root, rootIDs) if err != nil { return errors.Wrap(err, "error setting up default driver") diff --git a/volume/service/default_driver_stubs.go b/volume/service/default_driver_stubs.go index fdb275eb9d..0539b1369b 100644 --- a/volume/service/default_driver_stubs.go +++ b/volume/service/default_driver_stubs.go @@ -7,4 +7,4 @@ import ( "github.com/docker/docker/volume/drivers" ) -func setupDefaultDriver(_ *drivers.Store, _ string, _ idtools.IDPair) error { return nil } +func setupDefaultDriver(_ *drivers.Store, _ string, _ idtools.Identity) error { return nil } diff --git a/volume/service/service.go b/volume/service/service.go index a62a32de50..ebb5e205e9 100644 --- a/volume/service/service.go +++ b/volume/service/service.go @@ -35,7 +35,7 @@ type VolumesService struct { } // NewVolumeService creates a new volume service -func NewVolumeService(root string, pg plugingetter.PluginGetter, rootIDs idtools.IDPair, logger volumeEventLogger) (*VolumesService, error) { +func NewVolumeService(root string, pg plugingetter.PluginGetter, rootIDs idtools.Identity, logger volumeEventLogger) (*VolumesService, error) { ds := drivers.NewStore(pg) if err := setupDefaultDriver(ds, root, rootIDs); err != nil { return nil, err diff --git a/volume/service/service_linux_test.go b/volume/service/service_linux_test.go index ae70d7e2c5..e009cd1325 100644 --- a/volume/service/service_linux_test.go +++ b/volume/service/service_linux_test.go @@ -25,7 +25,7 @@ func TestLocalVolumeSize(t *testing.T) { assert.Assert(t, err) defer os.RemoveAll(dir) - l, err := local.New(dir, idtools.IDPair{UID: os.Getuid(), GID: os.Getegid()}) + l, err := local.New(dir, idtools.Identity{UID: os.Getuid(), GID: os.Getegid()}) assert.Assert(t, err) assert.Assert(t, ds.Register(l, volume.DefaultDriverName)) assert.Assert(t, ds.Register(testutils.NewFakeDriver("fake"), "fake")) |