chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
import: make sure we don't mangle file ownerships with the local passwd database...
[elogind.git]
/
src
/
import
/
import-dkr.c
diff --git
a/src/import/import-dkr.c
b/src/import/import-dkr.c
index 594da547f578727248512abaeeb450a9d1a9f1fe..b54a1a6d94b5eeeb9dcd9e2d938544022cfb2367 100644
(file)
--- a/
src/import/import-dkr.c
+++ b/
src/import/import-dkr.c
@@
-94,12
+94,15
@@
struct DkrImport {
CurlGlue *glue;
char *index_url;
CurlGlue *glue;
char *index_url;
+ char *image_root;
Hashmap *names;
Hashmap *jobs;
dkr_import_on_finished on_finished;
void *userdata;
Hashmap *names;
Hashmap *jobs;
dkr_import_on_finished on_finished;
void *userdata;
+
+ bool finished;
};
#define PROTOCOL_PREFIX "https://"
};
#define PROTOCOL_PREFIX "https://"
@@
-181,6
+184,11
@@
DEFINE_TRIVIAL_CLEANUP_FUNC(DkrImportName*, dkr_import_name_unref);
static void dkr_import_finish(DkrImport *import, int error) {
assert(import);
static void dkr_import_finish(DkrImport *import, int error) {
assert(import);
+ if (import->finished)
+ return;
+
+ import->finished = true;
+
if (import->on_finished)
import->on_finished(import, error, import->userdata);
else
if (import->on_finished)
import->on_finished(import, error, import->userdata);
else
@@
-399,22
+407,22
@@
static void dkr_import_name_maybe_finish(DkrImportName *name) {
assert(name->id);
assert(name->id);
- p = strappenda(
"/var/lib/container
/", name->local);
- q = strappenda(
"/var/lib/container
/.dkr-", name->id);
+ p = strappenda(
name->import->image_root, "
/", name->local);
+ q = strappenda(
name->import->image_root, "
/.dkr-", name->id);
if (name->force_local) {
(void) btrfs_subvol_remove(p);
if (name->force_local) {
(void) btrfs_subvol_remove(p);
- (void) rm_rf(p, false, true, false);
+ (void) rm_rf
_dangerous
(p, false, true, false);
}
r = btrfs_subvol_snapshot(q, p, false, false);
if (r < 0) {
}
r = btrfs_subvol_snapshot(q, p, false, false);
if (r < 0) {
- log_error_errno(r, "Failed to snapshot
fin
al image: %m");
+ log_error_errno(r, "Failed to snapshot
loc
al image: %m");
dkr_import_finish(name->import, r);
return;
}
dkr_import_finish(name->import, r);
return;
}
- log_info("Created new image %s.", p);
+ log_info("Created new
local
image %s.", p);
}
dkr_import_finish(name->import, 0);
}
dkr_import_finish(name->import, 0);
@@
-485,7
+493,7
@@
static int dkr_import_job_run_tar(DkrImportJob *job) {
if (null_fd != STDOUT_FILENO)
safe_close(null_fd);
if (null_fd != STDOUT_FILENO)
safe_close(null_fd);
- execlp("tar", "tar", "-C", job->temp_path, gzip ? "-x
z" : "-x
", NULL);
+ execlp("tar", "tar", "-C", job->temp_path, gzip ? "-x
pz" : "-px", "--numeric-owner
", NULL);
_exit(EXIT_FAILURE);
}
_exit(EXIT_FAILURE);
}
@@
-527,7
+535,7
@@
static int dkr_import_name_pull_layer(DkrImportName *name) {
return 0;
}
return 0;
}
- path = strjoin(
"/var/lib/container
/.dkr-", layer, NULL);
+ path = strjoin(
name->import->image_root, "
/.dkr-", layer, NULL);
if (!path)
return log_oom();
if (!path)
return log_oom();
@@
-568,7
+576,7
@@
static int dkr_import_name_pull_layer(DkrImportName *name) {
if (base) {
const char *base_path;
if (base) {
const char *base_path;
- base_path = strappend
("/var/lib/container
/.dkr-", base);
+ base_path = strappend
a(name->import->image_root, "
/.dkr-", base);
r = btrfs_subvol_snapshot(base_path, temp, false, true);
} else
r = btrfs_subvol_make(temp);
r = btrfs_subvol_snapshot(base_path, temp, false, true);
} else
r = btrfs_subvol_make(temp);
@@
-711,7
+719,7
@@
static void dkr_import_curl_on_finished(CurlGlue *g, CURL *curl, CURLcode result
if (curl_easy_getinfo(curl, CURLINFO_PRIVATE, &job) != CURLE_OK)
return;
if (curl_easy_getinfo(curl, CURLINFO_PRIVATE, &job) != CURLE_OK)
return;
- if (!job)
+ if (!job
|| job->done
)
return;
job->done = true;
return;
job->done = true;
@@
-773,7
+781,7
@@
static void dkr_import_curl_on_finished(CurlGlue *g, CURL *curl, CURLcode result
goto fail;
}
goto fail;
}
- r = btrfs_subvol_read_only(job->temp_path, true);
+ r = btrfs_subvol_
set_
read_only(job->temp_path, true);
if (r < 0) {
log_error_errno(r, "Failed to mark snapshot read-only: %m");
goto fail;
if (r < 0) {
log_error_errno(r, "Failed to mark snapshot read-only: %m");
goto fail;
@@
-810,12
+818,17
@@
static size_t dkr_import_job_write_callback(void *contents, size_t size, size_t
assert(contents);
assert(j);
assert(contents);
assert(j);
+ if (j->done) {
+ r = -ESTALE;
+ goto fail;
+ }
+
if (j->tar_stream) {
size_t l;
l = fwrite(contents, size, nmemb, j->tar_stream);
if (l != nmemb) {
if (j->tar_stream) {
size_t l;
l = fwrite(contents, size, nmemb, j->tar_stream);
if (l != nmemb) {
- r =
-errno
;
+ r =
log_error_errno(errno, "Failed to write to tar: %m")
;
goto fail;
}
goto fail;
}
@@
-823,13
+836,14
@@
static size_t dkr_import_job_write_callback(void *contents, size_t size, size_t
}
if (j->payload_size + sz > PAYLOAD_MAX) {
}
if (j->payload_size + sz > PAYLOAD_MAX) {
+ log_error("Payload too large.");
r = -EFBIG;
goto fail;
}
p = realloc(j->payload, j->payload_size + sz);
if (!p) {
r = -EFBIG;
goto fail;
}
p = realloc(j->payload, j->payload_size + sz);
if (!p) {
- r =
-ENOMEM
;
+ r =
log_oom()
;
goto fail;
}
goto fail;
}
@@
-858,6
+872,11
@@
static size_t dkr_import_job_header_callback(void *contents, size_t size, size_t
assert(contents);
assert(j);
assert(contents);
assert(j);
+ if (j->done) {
+ r = -ESTALE;
+ goto fail;
+ }
+
r = curl_header_strdup(contents, sz, HEADER_TOKEN, &token);
if (r < 0) {
log_oom();
r = curl_header_strdup(contents, sz, HEADER_TOKEN, &token);
if (r < 0) {
log_oom();
@@
-1003,13
+1022,21
@@
static int dkr_import_name_begin(DkrImportName *name) {
return dkr_import_name_add_job(name, DKR_IMPORT_JOB_IMAGES, url, &name->job_images);
}
return dkr_import_name_add_job(name, DKR_IMPORT_JOB_IMAGES, url, &name->job_images);
}
-int dkr_import_new(DkrImport **import, sd_event *event, const char *index_url, dkr_import_on_finished on_finished, void *userdata) {
+int dkr_import_new(
+ DkrImport **import,
+ sd_event *event,
+ const char *index_url,
+ const char *image_root,
+ dkr_import_on_finished on_finished,
+ void *userdata) {
+
_cleanup_(dkr_import_unrefp) DkrImport *i = NULL;
char *e;
int r;
assert(import);
assert(dkr_url_is_valid(index_url));
_cleanup_(dkr_import_unrefp) DkrImport *i = NULL;
char *e;
int r;
assert(import);
assert(dkr_url_is_valid(index_url));
+ assert(image_root);
i = new0(DkrImport, 1);
if (!i)
i = new0(DkrImport, 1);
if (!i)
@@
-1022,6
+1049,10
@@
int dkr_import_new(DkrImport **import, sd_event *event, const char *index_url, d
if (!i->index_url)
return -ENOMEM;
if (!i->index_url)
return -ENOMEM;
+ i->image_root = strdup(image_root);
+ if (!i->image_root)
+ return -ENOMEM;
+
e = endswith(i->index_url, "/");
if (e)
*e = 0;
e = endswith(i->index_url, "/");
if (e)
*e = 0;
@@
-1066,7
+1097,7
@@
DkrImport* dkr_import_unref(DkrImport *import) {
sd_event_unref(import->event);
free(import->index_url);
sd_event_unref(import->event);
free(import->index_url);
-
+ free(import->image_root);
free(import);
return NULL;
free(import);
return NULL;
@@
-1123,7
+1154,7
@@
int dkr_import_pull(DkrImport *import, const char *name, const char *tag, const
n->force_local = force_local;
}
n->force_local = force_local;
}
- r = hashmap_put(import->names, name, n);
+ r = hashmap_put(import->names, n
->n
ame, n);
if (r < 0)
return r;
if (r < 0)
return r;