浏览代码

Fix daemon key file location

Fixes #10233

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Derek McGowan 10 年之前
父节点
当前提交
06af013f8b
共有 3 个文件被更改,包括 45 次插入3 次删除
  1. 2 0
      docker/docker.go
  2. 20 3
      docker/flags.go
  3. 23 0
      integration-cli/docker_cli_daemon_test.go

+ 2 - 0
docker/docker.go

@@ -67,6 +67,8 @@ func main() {
 		flHosts = append(flHosts, defaultHost)
 		flHosts = append(flHosts, defaultHost)
 	}
 	}
 
 
+	setDefaultConfFlag(flTrustKey, defaultTrustKeyFile)
+
 	if *flDaemon {
 	if *flDaemon {
 		mainDaemon()
 		mainDaemon()
 		return
 		return

+ 20 - 3
docker/flags.go

@@ -28,6 +28,13 @@ func getHomeDir() string {
 	return os.Getenv("HOME")
 	return os.Getenv("HOME")
 }
 }
 
 
+func getDaemonConfDir() string {
+	if runtime.GOOS == "windows" {
+		return filepath.Join(os.Getenv("USERPROFILE"), ".docker")
+	}
+	return "/etc/docker"
+}
+
 var (
 var (
 	flVersion     = flag.Bool([]string{"v", "-version"}, false, "Print version information and quit")
 	flVersion     = flag.Bool([]string{"v", "-version"}, false, "Print version information and quit")
 	flDaemon      = flag.Bool([]string{"d", "-daemon"}, false, "Enable daemon mode")
 	flDaemon      = flag.Bool([]string{"d", "-daemon"}, false, "Enable daemon mode")
@@ -47,10 +54,20 @@ var (
 	flHosts    []string
 	flHosts    []string
 )
 )
 
 
+func setDefaultConfFlag(flag *string, def string) {
+	if *flag == "" {
+		if *flDaemon {
+			*flag = filepath.Join(getDaemonConfDir(), def)
+		} else {
+			*flag = filepath.Join(getHomeDir(), ".docker", def)
+		}
+	}
+}
+
 func init() {
 func init() {
-	// placeholder for trust key flag
-	trustKeyDefault := filepath.Join(dockerCertPath, defaultTrustKeyFile)
-	flTrustKey = &trustKeyDefault
+	var placeholderTrustKey string
+	// TODO use flag flag.String([]string{"i", "-identity"}, "", "Path to libtrust key file")
+	flTrustKey = &placeholderTrustKey
 
 
 	flCa = flag.String([]string{"-tlscacert"}, filepath.Join(dockerCertPath, defaultCaFile), "Trust only remotes providing a certificate signed by the CA given here")
 	flCa = flag.String([]string{"-tlscacert"}, filepath.Join(dockerCertPath, defaultCaFile), "Trust only remotes providing a certificate signed by the CA given here")
 	flCert = flag.String([]string{"-tlscert"}, filepath.Join(dockerCertPath, defaultCertFile), "Path to TLS certificate file")
 	flCert = flag.String([]string{"-tlscert"}, filepath.Join(dockerCertPath, defaultCertFile), "Path to TLS certificate file")

+ 23 - 0
integration-cli/docker_cli_daemon_test.go

@@ -10,6 +10,8 @@ import (
 	"os/exec"
 	"os/exec"
 	"strings"
 	"strings"
 	"testing"
 	"testing"
+
+	"github.com/docker/libtrust"
 )
 )
 
 
 func TestDaemonRestartWithRunningContainersPorts(t *testing.T) {
 func TestDaemonRestartWithRunningContainersPorts(t *testing.T) {
@@ -350,3 +352,24 @@ func TestDaemonVolumesBindsRefs(t *testing.T) {
 
 
 	logDone("daemon - bind refs in data-containers survive daemon restart")
 	logDone("daemon - bind refs in data-containers survive daemon restart")
 }
 }
+
+func TestDaemonKeyGeneration(t *testing.T) {
+	os.Remove("/etc/docker/key.json")
+	d := NewDaemon(t)
+	if err := d.Start(); err != nil {
+		t.Fatalf("Could not start daemon: %v", err)
+	}
+	d.Stop()
+
+	k, err := libtrust.LoadKeyFile("/etc/docker/key.json")
+	if err != nil {
+		t.Fatalf("Error opening key file")
+	}
+	kid := k.KeyID()
+	// Test Key ID is a valid fingerprint (e.g. QQXN:JY5W:TBXI:MK3X:GX6P:PD5D:F56N:NHCS:LVRZ:JA46:R24J:XEFF)
+	if len(kid) != 59 {
+		t.Fatalf("Bad key ID: %s", kid)
+	}
+
+	logDone("daemon - key generation")
+}