containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

volume: resolve symlinks in paths 

ensure the volume paths are resolved in the mountpoint scope.

Otherwise we might end up using host paths.

Closes: https://github.com/containers/libpod/issues/1608

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2018-10-09 10:48:28 +02:00
parent 2ad6012ea1
commit 6dd6ce1ebc
No known key found for this signature in database
GPG Key ID: E4730F97F60286ED
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
libpod/container_internal.go
View File

@ -13,6 +13,7 @@ import (
"strings"
"syscall"
"github.com/containers/buildah/imagebuildah"
"github.com/containers/libpod/pkg/chrootuser"
"github.com/containers/libpod/pkg/hooks"
"github.com/containers/libpod/pkg/hooks/exec"
@ -1193,8 +1194,6 @@ func (c *Container) addLocalVolumes(ctx context.Context, g *generate.Generator)
continue
}
volumePath := filepath.Join(c.config.StaticDir, "volumes", k)
srcPath := filepath.Join(mountPoint, k)
var (
uid uint32
gid uint32
@ -1209,6 +1208,18 @@ func (c *Container) addLocalVolumes(ctx context.Context, g *generate.Generator)
}
}
// Ensure the symlinks are resolved
resolvedSymlink, err := imagebuildah.ResolveSymLink(mountPoint, k)
if err != nil {
return errors.Wrapf(ErrCtrStateInvalid, "cannot resolve %s in %s for container %s", k, mountPoint, c.ID())
}
var srcPath string
if resolvedSymlink != "" {
srcPath = filepath.Join(mountPoint, resolvedSymlink)
} else {
srcPath = filepath.Join(mountPoint, k)
}
if _, err := os.Stat(srcPath); os.IsNotExist(err) {
logrus.Infof("Volume image mount point %s does not exist in root FS, need to create it", k)
if err = os.MkdirAll(srcPath, 0755); err != nil {