The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/6192
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Skip chown when copying symlinks. When performing copy operations for
chroot environments (outside of the actual env), this may lead to
issues regarding the ownership of files on the host machine.
Signed-off-by: Thomas Hipp <thomas.h...@canonical.com>
From 22b2adc33873dd08b6023d1c794f776210aa5bdb Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.h...@canonical.com>
Date: Thu, 12 Sep 2019 09:37:05 +0200
Subject: [PATCH] shared: Skip chown when copying symlinks
Skip chown when copying symlinks. When performing copy operations for
chroot environments (outside of the actual env), this may lead to
issues regarding the ownership of files on the host machine.
Signed-off-by: Thomas Hipp <thomas.h...@canonical.com>
---
shared/util.go | 51 +++++++++++++++++++++++++-------------------------
1 file changed, 25 insertions(+), 26 deletions(-)
diff --git a/shared/util.go b/shared/util.go
index ed38696132..b66f7b221f 100644
--- a/shared/util.go
+++ b/shared/util.go
@@ -353,8 +353,6 @@ func FileCopy(source string, dest string) error {
return err
}
- var d *os.File
-
if fi.Mode()&os.ModeSymlink != 0 {
target, err := os.Readlink(source)
if err != nil {
@@ -373,36 +371,37 @@ func FileCopy(source string, dest string) error {
return err
}
- d, err = os.OpenFile(dest, os.O_WRONLY, fi.Mode())
- if err != nil {
- return err
- }
- defer d.Close()
- } else {
- s, err := os.Open(source)
- if err != nil {
- return err
- }
- defer s.Close()
+ // Exit early and skip Chown() if we're copying a symlink.
Chown()
+ // changes the ownership of the target file which may lead to
problems
+ // when performing copy operations for files in a chroot env
(outside of
+ // the env). In that case, ownership of files on the host
machine may
+ // be changed unintentially.
+ return nil
+ }
- d, err = os.Create(dest)
- if err != nil {
- if os.IsExist(err) {
- d, err = os.OpenFile(dest, os.O_WRONLY,
fi.Mode())
- if err != nil {
- return err
- }
- } else {
+ s, err := os.Open(source)
+ if err != nil {
+ return err
+ }
+ defer s.Close()
+
+ d, err := os.Create(dest)
+ if err != nil {
+ if os.IsExist(err) {
+ d, err = os.OpenFile(dest, os.O_WRONLY, fi.Mode())
+ if err != nil {
return err
}
- }
- defer d.Close()
-
- _, err = io.Copy(d, s)
- if err != nil {
+ } else {
return err
}
}
+ defer d.Close()
+
+ _, err = io.Copy(d, s)
+ if err != nil {
+ return err
+ }
/* chown not supported on windows */
if runtime.GOOS != "windows" {
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
