|
@@ -4,13 +4,22 @@ import (
|
|
|
"fmt"
|
|
"fmt"
|
|
|
"io"
|
|
"io"
|
|
|
"io/ioutil"
|
|
"io/ioutil"
|
|
|
|
|
+ "net"
|
|
|
"os"
|
|
"os"
|
|
|
|
|
+ "os/user"
|
|
|
"path/filepath"
|
|
"path/filepath"
|
|
|
|
|
|
|
|
"github.com/docker/docker/pkg/archive"
|
|
"github.com/docker/docker/pkg/archive"
|
|
|
"github.com/docker/docker/pkg/idtools"
|
|
"github.com/docker/docker/pkg/idtools"
|
|
|
)
|
|
)
|
|
|
|
|
|
|
|
|
|
+func init() {
|
|
|
|
|
+ // initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host
|
|
|
|
|
+ // environment not in the chroot from untrusted files.
|
|
|
|
|
+ _, _ = user.Lookup("docker")
|
|
|
|
|
+ _, _ = net.LookupHost("localhost")
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
// NewArchiver returns a new Archiver which uses chrootarchive.Untar
|
|
// NewArchiver returns a new Archiver which uses chrootarchive.Untar
|
|
|
func NewArchiver(idMapping *idtools.IdentityMapping) *archive.Archiver {
|
|
func NewArchiver(idMapping *idtools.IdentityMapping) *archive.Archiver {
|
|
|
if idMapping == nil {
|
|
if idMapping == nil {
|
Akihiro Suda