From 0be0cbe15fadd0e5f9e075d3302abf9188ef2ea8 Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Mon, 1 Mar 2021 09:32:26 -0500 Subject: [PATCH 1/2] Bump c/storage and c/image patch versions The version of v3.0 we're preparing to ship in RHEL uses these, so too much the upstream branch. Signed-off-by: Matthew Heon --- go.mod | 4 ++-- go.sum | 8 +++---- .../v5/pkg/sysregistriesv2/shortnames.go | 12 +++------- .../containers/image/v5/version/version.go | 2 +- vendor/github.com/containers/storage/VERSION | 2 +- .../storage/drivers/overlay/check.go | 4 ++++ .../storage/drivers/overlay/overlay.go | 22 +++++++++++++++++-- .../storage/pkg/homedir/homedir_others.go | 5 +++++ .../storage/pkg/homedir/homedir_unix.go | 15 +++++++++++++ vendor/modules.txt | 4 ++-- 10 files changed, 57 insertions(+), 21 deletions(-) diff --git a/go.mod b/go.mod index 4ab8824453..c756f338ea 100644 --- a/go.mod +++ b/go.mod @@ -13,10 +13,10 @@ require ( github.com/containers/buildah v1.19.4 github.com/containers/common v0.33.4 github.com/containers/conmon v2.0.20+incompatible - github.com/containers/image/v5 v5.10.2 + github.com/containers/image/v5 v5.10.3 github.com/containers/ocicrypt v1.0.3 github.com/containers/psgo v1.5.2 - github.com/containers/storage v1.24.6 + github.com/containers/storage v1.24.8 github.com/coreos/go-systemd/v22 v22.1.0 github.com/cri-o/ocicni v0.2.1-0.20201204103948-b6cbe99b9756 github.com/cyphar/filepath-securejoin v0.2.2 diff --git a/go.sum b/go.sum index 754d7e1e71..4bda115862 100644 --- a/go.sum +++ b/go.sum @@ -108,8 +108,8 @@ github.com/containers/image/v5 v5.9.0 h1:dRmUtcluQcmasNo3DpnRoZjfU0rOu1qZeL6wlDJ github.com/containers/image/v5 v5.9.0/go.mod h1:blOEFd/iFdeyh891ByhCVUc+xAcaI3gBegXECwz9UbQ= github.com/containers/image/v5 v5.10.1 h1:tHhGQ8RCMxJfJLD/PEW1qrOKX8nndledW9qz6UiAxns= github.com/containers/image/v5 v5.10.1/go.mod h1:JlRLJZv7elVbtHaaaR6Kz8i6G3k2ttj4t7fubwxD9Hs= -github.com/containers/image/v5 v5.10.2 h1:STD9GYR9p/X0qTLmBYsyx8dEM7zQW+qZ8KHoL/64fkg= -github.com/containers/image/v5 v5.10.2/go.mod h1:JlRLJZv7elVbtHaaaR6Kz8i6G3k2ttj4t7fubwxD9Hs= +github.com/containers/image/v5 v5.10.3 h1:DHgdrNkiBVav/ca/5EdAzn682Zuy1gp6PQgK83fiAkw= +github.com/containers/image/v5 v5.10.3/go.mod h1:SgIbWEedCNBbn2FI5cH0/jed1Ecy2s8XK5zTxvJTzII= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/ocicrypt v1.0.3 h1:vYgl+RZ9Q3DPMuTfxmN+qp0X2Bj52uuY2vnt6GzVe1c= @@ -119,8 +119,8 @@ github.com/containers/psgo v1.5.2/go.mod h1:2ubh0SsreMZjSXW1Hif58JrEcFudQyIy9EzP github.com/containers/storage v1.23.7/go.mod h1:cUT2zHjtx+WlVri30obWmM2gpqpi8jfPsmIzP1TVpEI= github.com/containers/storage v1.24.5 h1:BusfdU0rCS2/Daa/DPw+0iLfGRlYA7UVF7D0el3N7Vk= github.com/containers/storage v1.24.5/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5soPPwz9dxe4IQ= -github.com/containers/storage v1.24.6 h1:9PBb9PoGuj5B/3MGfxx//RmUjMAklmx3rBbuCkuIc94= -github.com/containers/storage v1.24.6/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5soPPwz9dxe4IQ= +github.com/containers/storage v1.24.8 h1:v3pliVY5Jx1ZNJDoyCvRBrXMxlGLakBsxbBVWoaCI8Q= +github.com/containers/storage v1.24.8/go.mod h1:YC+2pY8SkfEAcZkwycxYbpK8EiRbx5soPPwz9dxe4IQ= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5 h1:DpHb9vJrZQEFMcVLFKAAGMUVX0XoRC0ptCthinRYm38= diff --git a/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go b/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go index a9c498d7a5..784a616dc9 100644 --- a/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go +++ b/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go @@ -34,15 +34,9 @@ func shortNameAliasesConfPath(ctx *types.SystemContext) (string, error) { } // Rootless user - var cacheRoot string - if xdgCache := os.Getenv("XDG_CACHE_HOME"); xdgCache != "" { - cacheRoot = xdgCache - } else { - configHome, err := homedir.GetConfigHome() - if err != nil { - return "", err - } - cacheRoot = filepath.Join(configHome, ".cache") + cacheRoot, err := homedir.GetCacheHome() + if err != nil { + return "", err } return filepath.Join(cacheRoot, userShortNamesFile), nil diff --git a/vendor/github.com/containers/image/v5/version/version.go b/vendor/github.com/containers/image/v5/version/version.go index 4c722505c7..b56acd3e7f 100644 --- a/vendor/github.com/containers/image/v5/version/version.go +++ b/vendor/github.com/containers/image/v5/version/version.go @@ -8,7 +8,7 @@ const ( // VersionMinor is for functionality in a backwards-compatible manner VersionMinor = 10 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 2 + VersionPatch = 3 // VersionDev indicates development branch. Releases will be empty string. VersionDev = "" diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION index 7a429d68a3..f666fce1a2 100644 --- a/vendor/github.com/containers/storage/VERSION +++ b/vendor/github.com/containers/storage/VERSION @@ -1 +1 @@ -1.24.6 +1.24.8 diff --git a/vendor/github.com/containers/storage/drivers/overlay/check.go b/vendor/github.com/containers/storage/drivers/overlay/check.go index cbfad2cd57..446dc463fc 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/check.go +++ b/vendor/github.com/containers/storage/drivers/overlay/check.go @@ -145,6 +145,10 @@ func doesMetacopy(d, mountOpts string) (bool, error) { opts = fmt.Sprintf("%s,%s", opts, data) } if err := unix.Mount("overlay", filepath.Join(td, "merged"), "overlay", uintptr(flags), opts); err != nil { + if errors.Cause(err) == unix.EINVAL { + logrus.Info("metacopy option not supported on this kernel", mountOpts) + return false, nil + } return false, errors.Wrapf(err, "failed to mount overlay for metacopy check with %q options", mountOpts) } defer func() { diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go index a2209db8e1..d68bf2672d 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go +++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go @@ -750,8 +750,22 @@ func (d *Driver) getLowerDirs(id string) ([]string, error) { for _, s := range strings.Split(string(lowers), ":") { lower := d.dir(s) lp, err := os.Readlink(lower) + // if the link does not exist, we lost the symlinks during a sudden reboot. + // Let's go ahead and recreate those symlinks. if err != nil { - return nil, err + if os.IsNotExist(err) { + logrus.Warnf("Can't read link %q because it does not exist. Going through storage to recreate the missing symlinks.", lower) + if err := d.recreateSymlinks(); err != nil { + return nil, fmt.Errorf("error recreating the missing symlinks: %v", err) + } + // let's call Readlink on lower again now that we have recreated the missing symlinks + lp, err = os.Readlink(lower) + if err != nil { + return nil, err + } + } else { + return nil, err + } } lowersArray = append(lowersArray, path.Clean(d.dir(path.Join("link", lp)))) } @@ -879,7 +893,11 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO // If metacopy=on is present in d.options.mountOptions it must be present in the mount // options otherwise the kernel refuses to follow the metacopy xattr. if hasMetacopyOption(strings.Split(d.options.mountOptions, ",")) && !hasMetacopyOption(options.Options) { - optsList = append(optsList, "metacopy=on") + if d.usingMetacopy { + optsList = append(optsList, "metacopy=on") + } else { + logrus.Warnf("ignoring metacopy option from storage.conf, not supported with booted kernel") + } } } for _, o := range optsList { diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go index 4f778c8584..361563ab6f 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go @@ -28,3 +28,8 @@ func GetDataHome() (string, error) { func GetConfigHome() (string, error) { return "", errors.New("homedir.GetConfigHome() is not supported on this system") } + +// GetCacheHome is unsupported on non-linux system. +func GetCacheHome() (string, error) { + return "", errors.New("homedir.GetCacheHome() is not supported on this system") +} diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go index 0274d037f8..2475e351bb 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go @@ -123,3 +123,18 @@ func GetConfigHome() (string, error) { } return filepath.Join(home, ".config"), nil } + +// GetCacheHome returns XDG_CACHE_HOME. +// GetCacheHome returns $HOME/.cache and nil error if XDG_CACHE_HOME is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetCacheHome() (string, error) { + if xdgCacheHome := os.Getenv("XDG_CACHE_HOME"); xdgCacheHome != "" { + return xdgCacheHome, nil + } + home := Get() + if home == "" { + return "", errors.New("could not get either XDG_CACHE_HOME or HOME") + } + return filepath.Join(home, ".cache"), nil +} diff --git a/vendor/modules.txt b/vendor/modules.txt index ad6465022f..2ba77459fd 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -108,7 +108,7 @@ github.com/containers/common/pkg/umask github.com/containers/common/version # github.com/containers/conmon v2.0.20+incompatible github.com/containers/conmon/runner/config -# github.com/containers/image/v5 v5.10.2 +# github.com/containers/image/v5 v5.10.3 github.com/containers/image/v5/copy github.com/containers/image/v5/directory github.com/containers/image/v5/directory/explicitfilepath @@ -174,7 +174,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.24.6 +# github.com/containers/storage v1.24.8 github.com/containers/storage github.com/containers/storage/drivers github.com/containers/storage/drivers/aufs From 956bbad2ab95b9a89ec76e11d839bdaf2e33bb04 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Thu, 18 Feb 2021 17:56:47 +0100 Subject: [PATCH 2/2] cp: treat "." and "/." correctly Make sure to treat "." and "/." correctly. Both cases imply to copy the contents of a directory in contrast to the directory. This implies to unset the KeepDirectoryNames options of the copiah package. Previously, the code was performing a simple string suffix check which is not enough since it would match files and directories ending with ".". Signed-off-by: Valentin Rothberg --- cmd/podman/containers/cp.go | 4 ++-- pkg/domain/infra/abi/archive.go | 7 ++++--- test/system/065-cp.bats | 26 ++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 5 deletions(-) diff --git a/cmd/podman/containers/cp.go b/cmd/podman/containers/cp.go index 36d99e08ae..d3b9044128 100644 --- a/cmd/podman/containers/cp.go +++ b/cmd/podman/containers/cp.go @@ -311,8 +311,8 @@ func copyToContainer(container string, containerPath string, hostPath string) er } getOptions := buildahCopiah.GetOptions{ - // Unless the specified path ends with ".", we want to copy the base directory. - KeepDirectoryNames: !strings.HasSuffix(hostPath, "."), + // Unless the specified points to ".", we want to copy the base directory. + KeepDirectoryNames: hostInfo.IsDir && filepath.Base(hostPath) != ".", } if !hostInfo.IsDir && (!containerInfo.IsDir || containerInfoErr != nil) { // If we're having a file-to-file copy, make sure to diff --git a/pkg/domain/infra/abi/archive.go b/pkg/domain/infra/abi/archive.go index 64946f5612..528771ee72 100644 --- a/pkg/domain/infra/abi/archive.go +++ b/pkg/domain/infra/abi/archive.go @@ -3,6 +3,7 @@ package abi import ( "context" "io" + "path/filepath" "strings" buildahCopiah "github.com/containers/buildah/copier" @@ -93,7 +94,7 @@ func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID containerPath = "/." } - _, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) + statInfo, resolvedRoot, resolvedContainerPath, err := ic.containerStat(container, containerMountPoint, containerPath) if err != nil { unmount() return nil, err @@ -110,8 +111,8 @@ func (ic *ContainerEngine) ContainerCopyToArchive(ctx context.Context, nameOrID return func() error { defer container.Unmount(false) getOptions := buildahCopiah.GetOptions{ - // Unless the specified path ends with ".", we want to copy the base directory. - KeepDirectoryNames: !strings.HasSuffix(resolvedContainerPath, "."), + // Unless the specified points to ".", we want to copy the base directory. + KeepDirectoryNames: statInfo.IsDir && filepath.Base(containerPath) != ".", UIDMap: idMappings.UIDMap, GIDMap: idMappings.GIDMap, ChownDirs: idPair, diff --git a/test/system/065-cp.bats b/test/system/065-cp.bats index d3cf1c2745..0fcc437d4e 100644 --- a/test/system/065-cp.bats +++ b/test/system/065-cp.bats @@ -18,6 +18,8 @@ load helpers echo "${randomcontent[0]}" > $srcdir/hostfile0 echo "${randomcontent[1]}" > $srcdir/hostfile1 echo "${randomcontent[2]}" > $srcdir/hostfile2 + mkdir -p $srcdir/subdir + echo "${randomcontent[2]}" > $srcdir/subdir/dotfile. run_podman run -d --name cpcontainer --workdir=/srv $IMAGE sleep infinity run_podman exec cpcontainer mkdir /srv/subdir @@ -50,6 +52,11 @@ load helpers is "$output" "${randomcontent[$id]}" "$description (cp -> ctr:$dest)" done < <(parse_table "$tests") + # Dots are special for dirs not files. + run_podman cp $srcdir/subdir/dotfile. cpcontainer:/tmp + run_podman exec cpcontainer cat /tmp/dotfile. + is "$output" "${randomcontent[2]}" "$description (cp -> ctr:$dest)" + # Host path does not exist. run_podman 125 cp $srcdir/IdoNotExist cpcontainer:/tmp is "$output" 'Error: ".*/IdoNotExist" could not be found on the host' \ @@ -76,12 +83,14 @@ load helpers ) run_podman run -d --name cpcontainer --workdir=/srv $IMAGE sleep infinity run_podman exec cpcontainer sh -c "echo ${randomcontent[0]} > /tmp/containerfile" + run_podman exec cpcontainer sh -c "echo ${randomcontent[0]} > /tmp/dotfile." run_podman exec cpcontainer sh -c "echo ${randomcontent[1]} > /srv/containerfile1" run_podman exec cpcontainer sh -c "mkdir /srv/subdir; echo ${randomcontent[2]} > /srv/subdir/containerfile2" # format is: | | | | tests=" 0 | /tmp/containerfile | | /containerfile | copy to srcdir/ +0 | /tmp/dotfile. | | /dotfile. | copy to srcdir/ 0 | /tmp/containerfile | / | /containerfile | copy to srcdir/ 0 | /tmp/containerfile | /. | /containerfile | copy to srcdir/. 0 | /tmp/containerfile | /newfile | /newfile | copy to srcdir/newfile @@ -117,12 +126,18 @@ load helpers echo "${randomcontent[0]}" > $srcdir/hostfile0 echo "${randomcontent[1]}" > $srcdir/hostfile1 + # "." and "dir/." will copy the contents, so make sure that a dir ending + # with dot is treated correctly. + mkdir -p $srcdir. + cp $srcdir/* $srcdir./ + run_podman run -d --name cpcontainer --workdir=/srv $IMAGE sleep infinity run_podman exec cpcontainer mkdir /srv/subdir # format is: | | | tests=" | / | /dir-test | copy to root + . | / | /dir-test. | copy dotdir to root / | /tmp | /tmp/dir-test | copy to tmp /. | /usr/ | /usr/ | copy contents of dir to usr/ | . | /srv/dir-test | copy to workdir (rel path) @@ -153,6 +168,9 @@ load helpers run_podman run -d --name cpcontainer --workdir=/srv $IMAGE sleep infinity run_podman exec cpcontainer sh -c 'mkdir /srv/subdir; echo "This first file is on the container" > /srv/subdir/containerfile1' run_podman exec cpcontainer sh -c 'echo "This second file is on the container as well" > /srv/subdir/containerfile2' + # "." and "dir/." will copy the contents, so make sure that a dir ending + # with dot is treated correctly. + run_podman exec cpcontainer sh -c 'mkdir /tmp/subdir.; cp /srv/subdir/* /tmp/subdir./' run_podman cp cpcontainer:/srv $srcdir run cat $srcdir/srv/subdir/containerfile1 @@ -174,6 +192,14 @@ load helpers is "$output" "This first file is on the container" run cat $srcdir/containerfile2 is "$output" "This second file is on the container as well" + rm -rf $srcdir/subdir + + run_podman cp cpcontainer:/tmp/subdir. $srcdir + run cat $srcdir/subdir./containerfile1 + is "$output" "This first file is on the container" + run cat $srcdir/subdir./containerfile2 + is "$output" "This second file is on the container as well" + rm -rf $srcdir/subdir. run_podman rm -f cpcontainer }