volumes: push the chown logic to runtime_volume_linux.go

Signed-off-by: Giuseppe Scrivano <[email protected]>
containers · Mar 29, 2019 · f7e72bc · f7e72bc
1 parent 9b78935
commit f7e72bc
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 6 deletions.
diff --git a/libpod/options.go b/libpod/options.go
@@ -1274,6 +1274,28 @@ func WithVolumeName(name string) VolumeCreateOption {
 	}
 }
 
+// WithVolumeUID sets the uid of the owner.
+func WithVolumeUID(uid int) VolumeCreateOption {
+	return func(volume *Volume) error {
+		if volume.valid {
+			return ErrVolumeFinalized
+		}
+		volume.config.UID = uid
+		return nil
+	}
+}
+
+// WithVolumeGID sets the gid of the owner.
+func WithVolumeGID(gid int) VolumeCreateOption {
+	return func(volume *Volume) error {
+		if volume.valid {
+			return ErrVolumeFinalized
+		}
+		volume.config.GID = gid
+		return nil
+	}
+}
+
 // WithVolumeLabels sets the labels of the volume.
 func WithVolumeLabels(labels map[string]string) VolumeCreateOption {
 	return func(volume *Volume) error {

diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
@@ -182,14 +182,11 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
 		if vol.Source[0] != '/' && isNamedVolume(vol.Source) {
 			volInfo, err := r.state.Volume(vol.Source)
 			if err != nil {
-				newVol, err := r.newVolume(ctx, WithVolumeName(vol.Source), withSetCtrSpecific())
+				newVol, err := r.newVolume(ctx, WithVolumeName(vol.Source), withSetCtrSpecific(), WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID()))
 				if err != nil {
 					return nil, errors.Wrapf(err, "error creating named volume %q", vol.Source)
 				}
 				ctr.config.Spec.Mounts[i].Source = newVol.MountPoint()
-				if err := os.Chown(ctr.config.Spec.Mounts[i].Source, ctr.RootUID(), ctr.RootGID()); err != nil {
-					return nil, errors.Wrapf(err, "cannot chown %q to %d:%d", ctr.config.Spec.Mounts[i].Source, ctr.RootUID(), ctr.RootGID())
-				}
 				if err := ctr.copyWithTarFromImage(ctr.config.Spec.Mounts[i].Destination, ctr.config.Spec.Mounts[i].Source); err != nil && !os.IsNotExist(err) {
 					return nil, errors.Wrapf(err, "failed to copy content into new volume mount %q", vol.Source)
 				}

diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go
@@ -51,10 +51,20 @@ func (r *Runtime) newVolume(ctx context.Context, options ...VolumeCreateOption)
 	}
 
 	// Create the mountpoint of this volume
-	fullVolPath := filepath.Join(r.config.VolumePath, volume.config.Name, "_data")
-	if err := os.MkdirAll(fullVolPath, 0755); err != nil {
+	volPathRoot := filepath.Join(r.config.VolumePath, volume.config.Name)
+	if err := os.MkdirAll(volPathRoot, 0700); err != nil {
+		return nil, errors.Wrapf(err, "error creating volume directory %q", volPathRoot)
+	}
+	if err := os.Chown(volPathRoot, volume.config.UID, volume.config.GID); err != nil {
+		return nil, errors.Wrapf(err, "error chowning volume directory %q to %d:%d", volPathRoot, volume.config.UID, volume.config.GID)
+	}
+	fullVolPath := filepath.Join(volPathRoot, "_data")
+	if err := os.Mkdir(fullVolPath, 0755); err != nil {
 		return nil, errors.Wrapf(err, "error creating volume directory %q", fullVolPath)
 	}
+	if err := os.Chown(fullVolPath, volume.config.UID, volume.config.GID); err != nil {
+		return nil, errors.Wrapf(err, "error chowning volume directory %q to %d:%d", fullVolPath, volume.config.UID, volume.config.GID)
+	}
 	if err := LabelVolumePath(fullVolPath, true); err != nil {
 		return nil, err
 	}

diff --git a/libpod/volume.go b/libpod/volume.go
@@ -21,6 +21,8 @@ type VolumeConfig struct {
 	Options       map[string]string `json:"options"`
 	Scope         string            `json:"scope"`
 	IsCtrSpecific bool              `json:"ctrSpecific"`
+	UID           int               `json:"uid"`
+	GID           int               `json:"gid"`
 }
 
 // Name retrieves the volume's name