pkg/idtools: remove sync.Once, and include lookup error
When running a `docker cp` to copy files to/from a container, the
lookup of the `getent` executable happens within the container's
filesystem, so we cannot re-use the results.
Unfortunately, that also means we can't preserve the results for
any other uses of these functions, but probably the lookup should not
be "too" costly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b5376c7cec)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
parent
511d1ff9e4
commit
f483457e62
1 changed files with 4 additions and 10 deletions
|
|
@ -11,17 +11,11 @@ import (
|
|||
"os/exec"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"sync"
|
||||
"syscall"
|
||||
|
||||
"github.com/opencontainers/runc/libcontainer/user"
|
||||
)
|
||||
|
||||
var (
|
||||
entOnce sync.Once
|
||||
getentCmd string
|
||||
)
|
||||
|
||||
func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting bool) error {
|
||||
path, err := filepath.Abs(path)
|
||||
if err != nil {
|
||||
|
|
@ -162,10 +156,10 @@ func getentGroup(name string) (user.Group, error) {
|
|||
}
|
||||
|
||||
func callGetent(database, key string) (io.Reader, error) {
|
||||
entOnce.Do(func() { getentCmd, _ = resolveBinary("getent") })
|
||||
// if no `getent` command on host, can't do anything else
|
||||
if getentCmd == "" {
|
||||
return nil, fmt.Errorf("unable to find getent command")
|
||||
getentCmd, err := resolveBinary("getent")
|
||||
// if no `getent` command within the execution environment, can't do anything else
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to find getent command: %w", err)
|
||||
}
|
||||
command := exec.Command(getentCmd, database, key)
|
||||
// we run getent within container filesystem, but without /dev so /dev/null is not available for exec to mock stdin
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue