We use cookies to ensure you get the best experience on our website
Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
0ct0pu5
/
moby
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: f481f9333d
Branches Tags
moby
/
pkg
/
chrootarchive
/
archive_unix.go

archive_unix.go 2.1 KB
Lịch sử Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. //go:build !windows
    2. 

  2. // +build !windows
    3. 

  3. 

  4. package chrootarchive // import "github.com/docker/docker/pkg/chrootarchive"
    5. 

  5. 

  6. import (
    7. 

  7. 	"io"
    8. 

  8. 	"net"
    9. 

  9. 	"os/user"
    10. 

  10. 	"path/filepath"
    11. 

  11. 	"strings"
    12. 

  12. 

  13. 	"github.com/docker/docker/pkg/archive"
    14. 

  14. 	"github.com/pkg/errors"
    15. 

  15. )
    16. 

  16. 

  17. func init() {
    18. 

  18. 	// initialize nss libraries in Glibc so that the dynamic libraries are loaded in the host
    19. 

  19. 	// environment not in the chroot from untrusted files.
    20. 

  20. 	_, _ = user.Lookup("docker")
    21. 

  21. 	_, _ = net.LookupHost("localhost")
    22. 

  22. }
    23. 

  23. 

  24. func invokeUnpack(decompressedArchive io.Reader, dest string, options *archive.TarOptions, root string) error {
    25. 

  25. 	relDest, err := resolvePathInChroot(root, dest)
    26. 

  26. 	if err != nil {
    27. 

  27. 		return err
    28. 

  28. 	}
    29. 

  29. 

  30. 	done := make(chan error)
    31. 

  31. 	err = goInChroot(root, func() { done <- archive.Unpack(decompressedArchive, relDest, options) })
    32. 

  32. 	if err != nil {
    33. 

  33. 		return err
    34. 

  34. 	}
    35. 

  35. 	return <-done
    36. 

  36. }
    37. 

  37. 

  38. func invokePack(srcPath string, options *archive.TarOptions, root string) (io.ReadCloser, error) {
    39. 

  39. 	relSrc, err := resolvePathInChroot(root, srcPath)
    40. 

  40. 	if err != nil {
    41. 

  41. 		return nil, err
    42. 

  42. 	}
    43. 

  43. 

  44. 	// make sure we didn't trim a trailing slash with the call to `resolvePathInChroot`
    45. 

  45. 	if strings.HasSuffix(srcPath, "/") && !strings.HasSuffix(relSrc, "/") {
    46. 

  46. 		relSrc += "/"
    47. 

  47. 	}
    48. 

  48. 

  49. 	tb, err := archive.NewTarballer(relSrc, options)
    50. 

  50. 	if err != nil {
    51. 

  51. 		return nil, errors.Wrap(err, "error processing tar file")
    52. 

  52. 	}
    53. 

  53. 	err = goInChroot(root, tb.Do)
    54. 

  54. 	if err != nil {
    55. 

  55. 		return nil, errors.Wrap(err, "could not chroot")
    56. 

  56. 	}
    57. 

  57. 	return tb.Reader(), nil
    58. 

  58. }
    59. 

  59. 

  60. // resolvePathInChroot returns the equivalent to path inside a chroot rooted at root.
    61. 

  61. // The returned path always begins with '/'.
    62. 

  62. //
    63. 

  63. //   - resolvePathInChroot("/a/b", "/a/b/c/d") -> "/c/d"
    64. 

  64. //   - resolvePathInChroot("/a/b", "/a/b")     -> "/"
    65. 

  65. //
    66. 

  66. // The implementation is buggy, and some bugs may be load-bearing.
    67. 

  67. // Here be dragons.
    68. 

  68. func resolvePathInChroot(root, path string) (string, error) {
    69. 

  69. 	if root == "" {
    70. 

  70. 		return "", errors.New("root path must not be empty")
    71. 

  71. 	}
    72. 

  72. 	rel, err := filepath.Rel(root, path)
    73. 

  73. 	if err != nil {
    74. 

  74. 		return "", err
    75. 

  75. 	}
    76. 

  76. 	if rel == "." {
    77. 

  77. 		rel = "/"
    78. 

  78. 	}
    79. 

  79. 	if rel[0] != '/' {
    80. 

  80. 		rel = "/" + rel
    81. 

  81. 	}
    82. 

  82. 	return rel, nil
    83. 

  83. }
    84.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5