
Add key migration to daemon

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Derek McGowan 10 years ago
parent
commit
007ef161b4
2 changed files with 51 additions and 0 deletions
  1. 41 0
      docker/daemon.go
  2. 10 0
      utils/utils_daemon.go

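--- a/docker/daemon.go
+++ b/docker/daemon.go
@@ -3,6 +3,11 @@
 package main
 
 import (
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+
 	log "github.com/Sirupsen/logrus"
 	"github.com/docker/docker/builder"
 	"github.com/docker/docker/builtins"
@@ -14,6 +19,7 @@ import (
 	flag "github.com/docker/docker/pkg/mflag"
 	"github.com/docker/docker/pkg/signal"
 	"github.com/docker/docker/registry"
+	"github.com/docker/docker/utils"
 )
 
 const CanDaemon = true
@@ -28,6 +34,38 @@ func init() {
 	registryCfg.InstallFlags()
 }
 
+func migrateKey() error {
+	// Migrate trust key if exists at ~/.docker/key.json and owned by current user
+	oldPath := filepath.Join(getHomeDir(), ".docker", defaultTrustKeyFile)
+	newPath := filepath.Join(getDaemonConfDir(), defaultTrustKeyFile)
+	if _, err := os.Stat(newPath); os.IsNotExist(err) && utils.IsFileOwner(oldPath) {
+		if err := os.MkdirAll(getDaemonConfDir(), os.FileMode(0644)); err != nil {
+			return fmt.Errorf("Unable to create daemon configuraiton directory: %s", err)
+		}
+
+		newFile, err := os.OpenFile(newPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
+		if err != nil {
+			return fmt.Errorf("error creating key file %q: %s", newPath, err)
+		}
+		defer newFile.Close()
+
+		oldFile, err := os.Open(oldPath)
+		if err != nil {
+			return fmt.Errorf("error opening open key file %q: %s", oldPath, err)
+		}
+
+		if _, err := io.Copy(newFile, oldFile); err != nil {
+			return fmt.Errorf("error copying key: %s", err)
+		}
+
+		oldFile.Close()
+		log.Debugf("Migrated key from %s to %s", oldPath, newPath)
+		return os.Remove(oldPath)
+	}
+
+	return nil
+}
+
 func mainDaemon() {
 	if flag.NArg() != 0 {
 		flag.Usage()
@@ -36,6 +74,9 @@ func mainDaemon() {
 	eng := engine.New()
 	signal.Trap(eng.Shutdown)
 
+	if err := migrateKey(); err != nil {
+		log.Fatal(err)
+	}
 	daemonCfg.TrustKeyPath = *flTrustKey
 
 	// Load builtins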
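Review bot: In migrateKey, any failure after `os.OpenFile(newPath, ...)` succeeds (the `os.Open(oldPath)` error, or an `io.Copy` that stops part-way) leaves an empty or truncated key at newPath, and since the guard only tests `os.IsNotExist` on newPath, the next start skips migration and the daemon is left with a damaged trust key. The error from `newFile.Close()` is discarded by the `defer`, yet `os.Remove(oldPath)` deletes the only known-good copy immediately afterwards. Separately, `os.MkdirAll(getDaemonConfDir(), os.FileMode(0644))` creates a directory without the search bit; `0700` suits a directory that holds a private key. The sketch below opens the source first, writes to a temporary name, checks the close, and publishes the key with a rename so newPath only ever holds a complete file.

```go
	if _, err := os.Stat(newPath); os.IsNotExist(err) && utils.IsFileOwner(oldPath) {
		if err := os.MkdirAll(getDaemonConfDir(), os.FileMode(0700)); err != nil {
			// … unchanged: error return …
		}

		// Open the source before creating anything at the destination.
		oldFile, err := os.Open(oldPath)
		if err != nil {
			return fmt.Errorf("error opening key file %q: %s", oldPath, err)
		}
		defer oldFile.Close()

		// O_EXCL refuses a pre-existing file or symlink at the temporary name.
		tmpPath := newPath + ".tmp"
		tmpFile, err := os.OpenFile(tmpPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)
		if err != nil {
			return fmt.Errorf("error creating key file %q: %s", tmpPath, err)
		}
		_, err = io.Copy(tmpFile, oldFile)
		if cerr := tmpFile.Close(); err == nil {
			err = cerr
		}
		if err == nil {
			// The rename publishes the key only once it is complete on disk.
			err = os.Rename(tmpPath, newPath)
		}
		if err != nil {
			os.Remove(tmpPath)
			return fmt.Errorf("error copying key: %s", err)
		}
		// … unchanged: debug log and removal of oldPath …
	}
```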

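--- a/utils/utils_daemon.go
+++ b/utils/utils_daemon.go
@@ -37,3 +37,13 @@ func TreeSize(dir string) (size int64, err error) {
 	})
 	return
 }
+
+// IsFileOwner checks whether the current user is the owner of the given file.
+func IsFileOwner(f string) bool {
+	if fileInfo, err := os.Stat(f); err == nil && fileInfo != nil {
+		if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok && int(stat.Uid) == os.Getuid() {
+			return true
+		}
+	}
+	return false
+}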
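Review bot: IsFileOwner calls `os.Stat`, which follows symlinks, and it answers for a path rather than for an open file, so the owner it reports can differ from the file a caller opens afterwards; migrateKey in docker/daemon.go checks the path and then reopens it. If symlinks should be refused, use `os.Lstat(f)` and also require `fileInfo.Mode().IsRegular()`; a caller that goes on to read the file is safer comparing the UID from `Stat()` on the file it has already opened. The doc comment should state that symlinks are followed, that any stat error yields false, and that the comparison is against the real UID from `os.Getuid()`. `syscall.Stat_t` is platform-specific, so this presumably relies on a build constraint that is outside the hunk.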