763d839261
This implements chown support on Windows. Built-in accounts as well as accounts included in the SAM database of the container are supported. NOTE: IDPair is now named Identity and IDMappings is now named IdentityMapping. The following are valid examples: ADD --chown=Guest . <some directory> COPY --chown=Administrator . <some directory> COPY --chown=Guests . <some directory> COPY --chown=ContainerUser . <some directory> On Windows an owner is only granted the permission to read the security descriptor and read/write the discretionary access control list. This fix also grants read/write and execute permissions to the owner. Signed-off-by: Salahuddin Khan <salah@docker.com>
20 lines
831 B
Go
20 lines
831 B
Go
package daemon // import "github.com/docker/docker/daemon"
|
|
|
|
// ContainerCreateWorkdir creates the working directory. This solves the
|
|
// issue arising from https://github.com/docker/docker/issues/27545,
|
|
// which was initially fixed by https://github.com/docker/docker/pull/27884. But that fix
|
|
// was too expensive in terms of performance on Windows. Instead,
|
|
// https://github.com/docker/docker/pull/28514 introduces this new functionality
|
|
// where the builder calls into the backend here to create the working directory.
|
|
func (daemon *Daemon) ContainerCreateWorkdir(cID string) error {
|
|
container, err := daemon.GetContainer(cID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = daemon.Mount(container)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer daemon.Unmount(container)
|
|
return container.SetupWorkingDirectory(daemon.idMapping.RootPair())
|
|
}
|