We use cookies to ensure you get the best experience on our website
Inicio Explorar Ayuda
Registro Iniciar sesión
0ct0pu5
/
moby
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Explorar el Código

daemon: NewDaemon(): replace system.MkdirAll for os.Mkdir where possible

`system.MkdirAll()` is a special version of os.Mkdir to handle creating directories
using Windows volume paths (`"\\?\Volume{4c1b02c1-d990-11dc-99ae-806e6f6e6963}"`).
This may be important when `MkdirAll` is used, which traverses all parent paths to
create them if missing (ultimately landing on the "volume" path).

The daemon.NewDaemon() function used `system.MkdirAll()` in various places where
a subdirectory within `daemon.Root` was created. This appeared to be mostly out
of convenience (to not have to handle `os.ErrExist` errors). The `daemon.Root`
directory should already be set up in these locations, and should be set up with
correct permissions. Using `system.MkdirAll()` would potentially mask errors if
the root directory is missing, and instead set up parent directories (possibly
with incorrect permissions).

Because of the above, this patch changes `system.MkdirAll` to `os.Mkdir`. As we
are changing these lines, this patch also changes the legacy octal notation
(`0700`) to the now preferred `0o700`.

One location continues to use `system.MkdirAll`, as the temp-directory may be
configured to be outside of `daemon.Root`, but a redundant `os.Stat(realTmp)`
was removed, as `system.MkdirAll` is expected to handle this.

As we are changing these lines, this patch also changes the legacy octal notation
(`0700`) to the now preferred `0o700`.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn hace 2 años
padre
2400bc66ef
commit
27bd49f4bf
Se han modificado 1 ficheros con 10 adiciones y 10 borrados
Dividir vista Mostrar estadísticas de diff
  1. 10 10
      daemon/daemon.go

+ 10 - 10
daemon/daemon.go
Ver fichero 

@@ -756,10 +756,8 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
 
 		return nil, fmt.Errorf("Unable to get the full path to the TempDir (%s): %s", tmp, err)
 
 	}
 
 	if isWindows {
 
-		if _, err := os.Stat(realTmp); err != nil && os.IsNotExist(err) {
 
-			if err := system.MkdirAll(realTmp, 0700); err != nil {
 
-				return nil, fmt.Errorf("Unable to create the TempDir (%s): %s", realTmp, err)
 
-			}
 
+		if err := system.MkdirAll(realTmp, 0); err != nil {
 
+			return nil, fmt.Errorf("Unable to create the TempDir (%s): %s", realTmp, err)
 
 		}
 
 		os.Setenv("TEMP", realTmp)
 
 		os.Setenv("TMP", realTmp)
 
@@ -813,7 +811,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
 
 	}
 
 
 	daemonRepo := filepath.Join(config.Root, "containers")
 
-	if err := idtools.MkdirAllAndChown(daemonRepo, 0710, idtools.Identity{
 
+	if err := idtools.MkdirAllAndChown(daemonRepo, 0o710, idtools.Identity{
 
 		UID: idtools.CurrentIdentity().UID,
 
 		GID: rootIDs.GID,
 
 	}); err != nil {
 
@@ -822,8 +820,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
 
 
 	// Create the directory where we'll store the runtime scripts (i.e. in
 
 	// order to support runtimeArgs)
 
-	daemonRuntimes := filepath.Join(config.Root, "runtimes")
 
-	if err := system.MkdirAll(daemonRuntimes, 0700); err != nil {
 
+	if err = os.Mkdir(filepath.Join(config.Root, "runtimes"), 0o700); err != nil && !errors.Is(err, os.ErrExist) {
 
 		return nil, err
 
 	}
 
 	if err := d.loadRuntimes(); err != nil {
 
@@ -831,7 +828,10 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
 
 	}
 
 
 	if isWindows {
 
-		if err := system.MkdirAll(filepath.Join(config.Root, "credentialspecs"), 0); err != nil {
 
+		// Note that permissions (0o700) are ignored on Windows; passing them to
 
+		// show intent only. We could consider using idtools.MkdirAndChown here
 
+		// to apply an ACL.
 
+		if err = os.Mkdir(filepath.Join(config.Root, "credentialspecs"), 0o700); err != nil && !errors.Is(err, os.ErrExist) {
 
 			return nil, err
 
 		}
 
 	}
 
@@ -1068,7 +1068,7 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S
 
 			if err != nil {
 
 				return nil, err
 
 			}
 
-			if err = system.MkdirAll(filepath.Join(config.Root, "trust"), 0700); err != nil {
 
+			if err = os.Mkdir(filepath.Join(config.Root, "trust"), 0o700); err != nil && !errors.Is(err, os.ErrExist) {
 
 				return nil, err
 
 			}
 
 		}
 
@@ -1345,7 +1345,7 @@ func prepareTempDir(rootDir string) (string, error) {
 
 			}
 
 		}
 
 	}
 
-	return tmpDir, idtools.MkdirAllAndChown(tmpDir, 0700, idtools.CurrentIdentity())
 
+	return tmpDir, idtools.MkdirAllAndChown(tmpDir, 0o700, idtools.CurrentIdentity())
 
 }
 
 
 func (daemon *Daemon) setGenericResources(conf *config.Config) error {

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5