From 007ef161b45dd91afcfb7ef9cd32e6c88dbf196e Mon Sep 17 00:00:00 2001
From: Derek McGowan
Date: Wed, 21 Jan 2015 16:55:05 -0800
Subject: [PATCH] Add key migration to daemon
Signed-off-by: Derek McGowan (github: dmcgowan)
---
 docker/daemon.go | 41 +++++++++++++++++++++++++++++++++++++++++
 utils/utils_daemon.go | 10 ++++++++++
 2 files changed, 51 insertions(+)
diff --git a/docker/daemon.go b/docker/daemon.go
index 508a75bd86..df23884e9f 100644
--- a/docker/daemon.go
+++ b/docker/daemon.go
@@ -3,6 +3,11 @@
 package main
 import (
+ "fmt"
+ "io"
+ "os"
+ "path/filepath"
+
 log "github.com/Sirupsen/logrus"
 "github.com/docker/docker/builder"
 "github.com/docker/docker/builtins"
@@ -14,6 +19,7 @@ import (
 flag "github.com/docker/docker/pkg/mflag"
 "github.com/docker/docker/pkg/signal"
 "github.com/docker/docker/registry"
+ "github.com/docker/docker/utils"
 )
 const CanDaemon = true
@@ -28,6 +34,38 @@ func init() {
 registryCfg.InstallFlags()
 }
+func migrateKey() error {
+ // Migrate trust key if exists at ~/.docker/key.json and owned by current user
+ oldPath := filepath.Join(getHomeDir(), ".docker", defaultTrustKeyFile)
+ newPath := filepath.Join(getDaemonConfDir(), defaultTrustKeyFile)
+ if _, err := os.Stat(newPath); os.IsNotExist(err) && utils.IsFileOwner(oldPath) {
+ if err := os.MkdirAll(getDaemonConfDir(), os.FileMode(0644)); err != nil {
+ return fmt.Errorf("Unable to create daemon configuraiton directory: %s", err)
+ }
+
+ newFile, err := os.OpenFile(newPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
+ if err != nil {
+ return fmt.Errorf("error creating key file %q: %s", newPath, err)
+ }
+ defer newFile.Close()
+
+ oldFile, err := os.Open(oldPath)
+ if err != nil {
+ return fmt.Errorf("error opening open key file %q: %s", oldPath, err)
+ }
+
+ if _, err := io.Copy(newFile, oldFile); err != nil {
+ return fmt.Errorf("error copying key: %s", err)
+ }
+
+ oldFile.Close()
+ log.Debugf("Migrated key from %s to %s", oldPath, newPath)
+ return os.Remove(oldPath)
+ }
+
+ return nil
+}
+
 func mainDaemon() {
 if flag.NArg() != 0 {
 flag.Usage()
@@ -36,6 +74,9 @@ func mainDaemon() {
 eng := engine.New()
 signal.Trap(eng.Shutdown)
+ if err := migrateKey(); err != nil {
+ log.Fatal(err)
+ }
 daemonCfg.TrustKeyPath = *flTrustKey
 // Load builtins
diff --git a/utils/utils_daemon.go b/utils/utils_daemon.go
index 098e227367..9989f05e31 100644
--- a/utils/utils_daemon.go
+++ b/utils/utils_daemon.go
@@ -37,3 +37,13 @@ func TreeSize(dir string) (size int64, err error) {
 })
 return
 }
+
+// IsFileOwner checks whether the current user is the owner of the given file.
+func IsFileOwner(f string) bool {
+ if fileInfo, err := os.Stat(f); err == nil && fileInfo != nil {
+ if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok && int(stat.Uid) == os.Getuid() {
+ return true
+ }
+ }
+ return false
+}
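Review bot: `log.Fatal(err)` in the mainDaemon hunk makes daemon start-up depend on every step of a one-time migration, including the case where the key was already copied and only the final `os.Remove(oldPath)` in migrateKey failed. If a leftover old file should not block start-up, migrateKey could report that case with `log.Warnf("could not remove old key %s: %s", oldPath, err)` and return nil, while a failed copy stays fatal because continuing would presumably leave the daemon without its existing key. A one-line comment above the call, such as `// Must run before TrustKeyPath is read so an existing key is not replaced`, would record why the call sits here, if that is the intent. mainDaemon's body starts and ends outside this hunk.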
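Review bot: IsFileOwner in utils/utils_daemon.go calls `os.Stat`, which follows symbolic links, so the uid it compares is that of the link target and not of the directory entry the caller named. migrateKey relies on this result before it opens, copies and deletes a path under the home directory, so for that use the check should be `os.Lstat(f)` combined with `fileInfo.Mode().IsRegular()`. The result also describes a path rather than an open handle and can be stale by the time the caller opens the file; the doc comment should state that, or the caller should call `Stat()` on the opened `*os.File` and compare the uid there. The `fileInfo != nil` test is redundant once `err == nil` holds.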