Those are the cases where the value being converted is already of that
type (checked to be that way for all os/arch combinations).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Gives a name to the anonymous goroutine populating the archive, and
makes parameter dependencies explicit, in preparation to moving it
out. No functional changes.
Signed-off-by: Han-Wen Nienhuys <hanwen@engflow.com>
Before, this was breaking the convention that options passed by
reference are not mutated. In particular, TestOverlayTarUntar passes
the same object to both TarWithOptions and Untar, resulting in a race
detector failure.
Signed-off-by: Han-Wen Nienhuys <hanwen@engflow.com>
A nil and empty slice are equivalent, except resulting JSON
serialization. There is JSON serialization in applyLayerHandler(),
but it's internal to the storage package and therefore not subject to
compatibility promises.
Signed-off-by: Han-Wen Nienhuys <hanwen@engflow.com>
Unixy systems all have Lutimes(), and this code should have been stubbed
out for non-Unixy systems.
h/t @kolyshkin
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* tarAppender did not append to tar files
* createTarFile did not create tar files
* addTarFile did not add tar files
Signed-off-by: Han-Wen Nienhuys <hanwen@engflow.com>
improve detection of changes in symlinks when both the size and the
mtime were changed.
Previously, the detection relied on a difference in either size or
atime/mtime to identify changes in a symlink. This is not enough, as
the atime/mtime and it size could be left unaltered while only its
target changes.
Fixes: https://github.com/containers/buildah/issues/5861
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The lgetxattr(2), lsetxattr(2), and llistxattr(2) syscalls on Linux
return ENOTSUP instead of EOPNOTSUPP. The same applies to getxattr(2),
setxattr(2), and listxattr(2) on macOS.
Note that EOPNOTSUPP and ENOTSUP have the same value in Linux (refer to
errno(3)).
Signed-off-by: Minseo Kim <kimminss0@outlook.kr>
This commit enables applying extended file attributes (xattr) to files
during the unpacking of layers.
The implementation mimics how FreeBSD's linux compatibility layer and
BSD tar handles xattr using extattr system calls. Linux and FreeBSD
supports different namespaces for extended attributes:
- Linux: security, system, trusted, user
- FreeBSD: system, user
The `system` and `user` namespaces are directly mapped between the two
systems. For unsupported namespaces on FreeBSD, such as `security` and
`trusted`, the attributes are just dropped.
Signed-off-by: Minseo Kim <kimminss0@outlook.kr>
the performance improvement is not as clear as with pigz, but it is
still measurable difference.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
use the pigz command line tool when available as it is much faster to
decompress a gzip stream.
On my machine I've seen a 50% pull time reduction when pulling some
big images.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
We used to override the root directory permission only when the record
for the root directory exists in the archive. However,
docker.io/ubuntu:jammy-20240427 lacks such a record and not overriding
the root directory permission makes all other permission overrides
invalid.
Signed-off-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
This change introduces a new approach to generating tar headers in a way
that avoids system-dependent lookups and potential calls to glibc, enhancing
portability and security.
The same logic is used by Moby, and the override function is based on
code from Moby.
Closes: https://github.com/containers/storage/issues/1836
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if force_mask is in use, we need to store the root directory
permission after we read it from the tar archive. We were incorrectly
reading it from the directory on the filesystem.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
gofumpt is a superset of gofmt, enabling some more code formatting
rules.
This commit is brought to you by
gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
The documentation says
> The new Buffer takes ownership of buf, and the
> caller should not use buf after this call.
so use the more directly applicable, and simpler, bytes.Reader
instead, to avoid this potentially risky use.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This encodes flag information into the tar stream using
ReadFileFlagsToTarHeader and decodes with WriteFileFlagsFromTarHeader.
To support applying diffs to trees with flags, this adds logic to
reset immutable flags during the UnpackLayer process. To support
immutable directories, we also need to defer setting flags on
directories until after all modifications to the directory contents.
Fortunately, something similar is already in place for setting
directory modify times.
Signed-off-by: Doug Rabson <dfr@rabson.org>
It can currently only fail with a broken pipe, or an invalid
pattern; in either case there's no point continuing with the loop.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
On FreeBSD, the link syscall follows symlinks which makes
TestUntarHardlinkToSymlink fail. We can match the expected semantics on
FreeBSD using linkat.
Signed-off-by: Doug Rabson <dfr@rabson.org>
If everything went well, hashError can be nil. Don't wrap it in error
context and return an error in those cases.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of the
deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Supporting macOS presents a number of challenges since the lack of
user namespaces means that operations that alter the ownership or
permissions on a file face harsh limitations, since are requested by
an unprivileged user that may need to potentially operate on arbitrary
uids/gids.
To overcome this challenges, we rely on the existing "forceMask"
feature to store the actual ownership and permission bits as an
extended attribute entry on each file.
In addition to automatically enabling "forceMask" when running on
macOS, we also need some minor changes to ensure the compatibility
with this OS. The most significant is the fact that, on macOS
SafeLchmod and SafeChmod also operate on the extended attributes, to
allow us to properly create the directories supporting the image.
With this changes in place, buildah is able to perform basic
operations on OCI images, such as downloading the image, creating a
working container, and removing them.
Signed-off-by: Sergio Lopez <slp@redhat.com>
We're going to need to reference containersOverrideXattr from idtools
in the next commit. Since archive.go is already importing idtools.go,
move containersOverrideXattr to the latter and make it public, so we
don't need to alter the imports.
Signed-off-by: Sergio Lopez <slp@redhat.com>
when the option ForceMask is in place and the file UID, GID and mode
are written to a xattr skip the lchown syscall.
[NO TESTS NEEDED] as it requires a setup with NFS.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
ignore the security.selinux xattr if it is present in the tarball
header, since invalid labels cannot be set by unprivileged users and
the `lsetxattr` syscall fails with EINVAL.
Closes: https://github.com/containers/storage/issues/1076
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Kir Kolyshkin