763d839261
This implements chown support on Windows. Built-in accounts as well as accounts included in the SAM database of the container are supported. NOTE: IDPair is now named Identity and IDMappings is now named IdentityMapping. The following are valid examples: ADD --chown=Guest . <some directory> COPY --chown=Administrator . <some directory> COPY --chown=Guests . <some directory> COPY --chown=ContainerUser . <some directory> On Windows an owner is only granted the permission to read the security descriptor and read/write the discretionary access control list. This fix also grants read/write and execute permissions to the owner. Signed-off-by: Salahuddin Khan <salah@docker.com>
25 lines
829 B
Go
25 lines
829 B
Go
package idtools // import "github.com/docker/docker/pkg/idtools"
|
|
|
|
import (
|
|
"os"
|
|
|
|
"github.com/docker/docker/pkg/system"
|
|
)
|
|
|
|
// This is currently a wrapper around MkdirAll, however, since currently
|
|
// permissions aren't set through this path, the identity isn't utilized.
|
|
// Ownership is handled elsewhere, but in the future could be support here
|
|
// too.
|
|
func mkdirAs(path string, mode os.FileMode, owner Identity, mkAll, chownExisting bool) error {
|
|
if err := system.MkdirAll(path, mode, ""); err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// CanAccess takes a valid (existing) directory and a uid, gid pair and determines
|
|
// if that uid, gid pair has access (execute bit) to the directory
|
|
// Windows does not require/support this function, so always return true
|
|
func CanAccess(path string, identity Identity) bool {
|
|
return true
|
|
}
|