Update the login tests to reflect the latest changes to allow http{s}
prefixes (again) to address bugzilla.redhat.com/show_bug.cgi?id=2062072.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Valentin Rothberg
2022-03-18 15:18:30 +01:00
parent 3853ef9b59
commit 57cdc21b00
65 changed files with 188 additions and 59 deletions


@ -592,6 +592,8 @@ type RemoveImagesOptions struct {
// containers using a specific image. By default, all containers in
// the local containers storage will be removed (if Force is set).
RemoveContainerFunc RemoveContainerFunc
// Ignore if a specified image does not exist and do not throw an error.
Ignore bool
// IsExternalContainerFunc allows for checking whether the specified
// container is an external one (when containers=external filter is
// used). The definition of an external container can be set by
@ -677,6 +679,9 @@ func (r *Runtime) RemoveImages(ctx context.Context, names []string, options *Rem
for _, name := range names {
img, resolvedName, err := r.LookupImage(name, lookupOptions)
if err != nil {
if options.Ignore && errors.Is(err, storage.ErrImageUnknown) {
continue
}
appendError(err)
continue
}


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cni
@ -128,15 +129,21 @@ func findPluginByName(plugins []*libcni.NetworkConfig, name string) bool {
// It returns an array of subnets and an extra bool if dhcp is configured.
func convertIPAMConfToNetwork(network *types.Network, ipam *ipamConfig, confPath string) error {
if ipam.PluginType == types.DHCPIPAMDriver {
network.IPAMOptions["driver"] = types.DHCPIPAMDriver
network.IPAMOptions[types.Driver] = types.DHCPIPAMDriver
return nil
}
if ipam.PluginType != types.HostLocalIPAMDriver {
return errors.Errorf("unsupported ipam plugin %s in %s", ipam.PluginType, confPath)
// This is not an error. While we only support certain ipam drivers, we
// cannot make it fail for unsupported ones. CNI is still able to use them,
// just our translation logic cannot convert this into a Network.
// For the same reason this is not warning, it would just be annoying for
// everyone using a unknown ipam driver.
logrus.Infof("unsupported ipam plugin %q in %s", ipam.PluginType, confPath)
return nil
}
network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
for _, r := range ipam.Ranges {
for _, ipam := range r {
s := types.Subnet{}
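Review bot: In convertIPAMConfToNetwork the unsupported-plugin branch now returns nil without recording anything in `network.IPAMOptions`, so a consumer that reads `network.IPAMOptions[types.Driver]` cannot tell an unsupported driver from an unset one. Storing the observed value before returning, `network.IPAMOptions[types.Driver] = ipam.PluginType`, would let later validation make that distinction. The doc comment above the function still says it returns an array of subnets and a bool, while the signature returns only `error`; it should be brought in line. The function body continues past the end of the hunk.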


@ -16,6 +16,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
//go:build linux
// +build linux
package cni


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cni


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cni
@ -197,12 +198,12 @@ func createIPMACVLAN(network *types.Network) error {
}
}
if len(network.Subnets) == 0 {
network.IPAMOptions["driver"] = types.DHCPIPAMDriver
network.IPAMOptions[types.Driver] = types.DHCPIPAMDriver
if network.Internal {
return errors.New("internal is not supported with macvlan and dhcp ipam driver")
}
} else {
network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
}
return nil
}


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cni


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cni


@ -27,7 +27,7 @@ func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet,
}
}
if network.IPAMOptions["driver"] != types.DHCPIPAMDriver {
if network.IPAMOptions[types.Driver] != types.DHCPIPAMDriver {
if len(network.Subnets) == 0 {
freeSubnet, err := GetFreeIPv4NetworkSubnet(usedNetworks, subnetPools)
if err != nil {
@ -63,7 +63,7 @@ func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet,
network.Subnets = append(network.Subnets, *freeSubnet)
}
}
network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
}
return nil
}


@ -109,7 +109,7 @@ func validatePerNetworkOpts(network *types.Network, netOpts *types.PerNetworkOpt
if netOpts.InterfaceName == "" {
return errors.Errorf("interface name on network %s is empty", network.Name)
}
if network.IPAMOptions["driver"] == types.HostLocalIPAMDriver {
if network.IPAMOptions[types.Driver] == types.HostLocalIPAMDriver {
outer:
for _, ip := range netOpts.StaticIPs {
for _, s := range network.Subnets {


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark
@ -130,6 +131,7 @@ func (n *netavarkNetwork) networkCreate(newNetwork *types.Network, defaultNet bo
if err != nil {
return nil, err
}
defer f.Close()
enc := json.NewEncoder(f)
enc.SetIndent("", " ")
err = enc.Encode(newNetwork)
@ -154,7 +156,7 @@ func createMacvlan(network *types.Network) error {
if len(network.Subnets) == 0 {
return errors.Errorf("macvlan driver needs at least one subnet specified, DHCP is not supported with netavark")
}
network.IPAMOptions["driver"] = types.HostLocalIPAMDriver
network.IPAMOptions[types.Driver] = types.HostLocalIPAMDriver
// validate the given options, we do not need them but just check to make sure they are valid
for key, value := range network.Options {
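Review bot: The added `defer f.Close()` in networkCreate discards the Close error on a file that has just been written through the JSON encoder, so a failed flush of the network config would go unnoticed. The surrounding `return nil, err` shows the function can report errors, so consider closing explicitly after `enc.Encode` with `if err := f.Close(); err != nil { return nil, err }`, keeping the deferred call only as a safety net for early returns. The function starts and ends outside the hunk, so whether a partially written file is cleaned up after an encode failure is not visible here.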


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark
@ -361,7 +362,7 @@ func (n *netavarkNetwork) deallocIPs(opts *types.NetworkOptions) error {
// it checks the ipam driver and if subnets are set
func requiresIPAMAlloc(network *types.Network) bool {
// only do host allocation when driver is set to HostLocalIPAMDriver or unset
switch network.IPAMOptions["driver"] {
switch network.IPAMOptions[types.Driver] {
case "", types.HostLocalIPAMDriver:
default:
return false


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package netavark
@ -44,6 +45,16 @@ func (n *netavarkNetwork) Setup(namespacePath string, options types.SetupOptions
return nil, errors.Wrap(err, "failed to convert net opts")
}
// Warn users if one or more networks have dns enabled
// but aardvark-dns binary is not configured
for _, network := range netavarkOpts.Networks {
if network != nil && network.DNSEnabled && n.aardvarkBinary == "" {
// this is not a fatal error we can still use container without dns
logrus.Warnf("aardvark-dns binary not found, container dns will not be enabled")
break
}
}
// trace output to get the json
if logrus.IsLevelEnabled(logrus.TraceLevel) {
b, err := json.Marshal(&netavarkOpts)


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package network
@ -61,11 +62,7 @@ func NetworkBackend(store storage.Store, conf *config.Config, syslog bool) (type
return "", nil, err
}
aardvarkBin, err := conf.FindHelperBinary(aardvarkBinary, false)
if err != nil {
// this is not a fatal error we can still use netavark without dns
logrus.Warnf("%s binary not found, container dns will not be enabled", aardvarkBin)
}
aardvarkBin, _ := conf.FindHelperBinary(aardvarkBinary, false)
confDir := conf.Network.NetworkConfigDir
if confDir == "" {
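Review bot: `aardvarkBin, _ := conf.FindHelperBinary(aardvarkBinary, false)` drops the lookup error with no comment, so a reader cannot tell that the discard is deliberate. A short comment such as `// A missing aardvark-dns is not fatal; Setup warns when a network has DNS enabled.` would document it, and logging the discarded error at debug level would keep the reason the lookup failed available for troubleshooting. The function body continues outside the hunk.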


@ -11,6 +11,7 @@ const (
IPVLANNetworkDriver = "ipvlan"
// IPAM drivers
Driver = "driver"
// HostLocalIPAMDriver store the ip
HostLocalIPAMDriver = "host-local"
// DHCPIPAMDriver get subnet and ip from dhcp server
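Review bot: The new exported constant `Driver` has no doc comment of its own and sits under the `// IPAM drivers` heading next to driver values, although it is the key used to index `IPAMOptions`. Elsewhere on this page it also replaces the `"driver"` filter key in createFilterFuncs, which matches the network driver rather than the IPAM driver, so two unrelated string contracts now share one constant. Consider a comment such as `// Driver is the IPAMOptions key that holds the IPAM driver name.` and keeping the literal, or a separate constant, for the filter key.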


@ -29,7 +29,7 @@ func createFilterFuncs(key string, filterValues []string) (types.FilterFunc, err
return util.StringMatchRegexSlice(net.Name, filterValues)
}, nil
case "driver":
case types.Driver:
// matches network driver
return func(net types.Network) bool {
return util.StringInSlice(net.Driver, filterValues)


@ -1,3 +1,4 @@
//go:build linux && apparmor
// +build linux,apparmor
package apparmor


@ -1,3 +1,4 @@
//go:build linux && apparmor
// +build linux,apparmor
package apparmor


@ -1,3 +1,4 @@
//go:build !linux || !apparmor
// +build !linux !apparmor
package apparmor


@ -4,6 +4,7 @@ import (
"bufio"
"context"
"fmt"
"net/url"
"os"
"path/filepath"
"strings"
@ -165,20 +166,21 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO
// parseCredentialsKey turns the provided argument into a valid credential key
// and computes the registry part.
func parseCredentialsKey(arg string, acceptRepositories bool) (key, registry string, err error) {
// URL arguments are replaced with their host[:port] parts.
key, err = replaceURLByHostPort(arg)
if err != nil {
return "", "", err
}
split := strings.Split(key, "/")
registry = split[0]
if !acceptRepositories {
registry = getRegistryName(arg)
key = registry
return key, registry, nil
return registry, registry, nil
}
key = trimScheme(arg)
if key != arg {
return "", "", errors.New("credentials key has https[s]:// prefix")
}
registry = getRegistryName(key)
// Return early if the key isn't namespaced or uses an http{s} prefix.
if registry == key {
// The key is not namespaced
return key, registry, nil
}
@ -202,24 +204,18 @@ func parseCredentialsKey(arg string, acceptRepositories bool) (key, registry str
return key, registry, nil
}
// getRegistryName scrubs and parses the input to get the server name
func getRegistryName(server string) string {
// removes 'http://' or 'https://' from the front of the
// server/registry string if either is there. This will be mostly used
// for user input from 'Buildah login' and 'Buildah logout'.
server = trimScheme(server)
// gets the registry from the input. If the input is of the form
// quay.io/myuser/myimage, it will parse it and just return quay.io
split := strings.Split(server, "/")
return split[0]
}
// trimScheme removes the HTTP(s) scheme from the provided repository.
func trimScheme(repository string) string {
// removes 'http://' or 'https://' from the front of the
// server/registry string if either is there. This will be mostly used
// for user input from 'Buildah login' and 'Buildah logout'.
return strings.TrimPrefix(strings.TrimPrefix(repository, "https://"), "http://")
// If the specified string starts with http{s} it is replaced with it's
// host[:port] parts; everything else is stripped. Otherwise, the string is
// returned as is.
func replaceURLByHostPort(repository string) (string, error) {
if !strings.HasPrefix(repository, "https://") && !strings.HasPrefix(repository, "http://") {
return repository, nil
}
u, err := url.Parse(repository)
if err != nil {
return "", fmt.Errorf("trimming http{s} prefix: %v", err)
}
return u.Host, nil
}
// getUserAndPass gets the username and password from STDIN if not given
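Review bot: replaceURLByHostPort returns `u.Host` without checking that it is non-empty, so an argument such as `https://` or `http:///path` parses without error and parseCredentialsKey then returns an empty key and registry on both the `!acceptRepositories` and the `registry == key` paths. A guard before the return closes that: `if u.Host == "" { return "", errors.New("URL argument has no host") }`. For URL arguments the path is also dropped silently, so with acceptRepositories set `https://quay.io/myuser` yields the registry-wide key `quay.io` rather than the namespaced one that was typed; an explicit error or a comment in parseCredentialsKey would make that widening of credential scope visible. The parse error is wrapped with `%v`, where `%w` would keep it inspectable by callers. parseCredentialsKey continues outside the hunks.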


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package cgroups


@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
package cgroups


@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
package cgroupv2


@ -1,3 +1,4 @@
//go:build !windows
// +build !windows
package chown


@ -249,6 +249,10 @@ type EngineConfig struct {
// EventsLogFilePath is where the events log is stored.
EventsLogFilePath string `toml:"events_logfile_path,omitempty"`
// EventsLogFileMaxSize sets the maximum size for the events log. When the limit is exceeded,
// the logfile is rotated and the old one is deleted.
EventsLogFileMaxSize uint64 `toml:"events_logfile_max_size,omitempty"`
// EventsLogger determines where events should be logged.
EventsLogger string `toml:"events_logger,omitempty"`
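Review bot: The comment on `EventsLogFileMaxSize` does not say what the zero value means, while the containers.conf text changed elsewhere on this page states that 0 applies no limit and disables rotation. Because the field is `omitempty` and the sample config shows 0, that is presumably the behaviour most users get, so the Go doc should say it as well: `// A value of 0 means no limit; the logfile is then never rotated.`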


@ -1,3 +1,4 @@
//go:build !remote
// +build !remote
package config


@ -1,3 +1,4 @@
//go:build remote
// +build remote
package config


@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
package config


@ -371,6 +371,12 @@ default_sysctls = [
# Define where event logs will be stored, when events_logger is "file".
#events_logfile_path=""
# Sets the maximum size for events_logfile_path in bytes. When the limit is exceeded,
# the logfile will be rotated and the old one will be deleted.
# If the maximum size is set to 0, then no limit will be applied,
# and the logfile will not be rotated.
#events_logfile_max_size = 0
# Selects which logging mechanism to use for container engine events.
# Valid values are `journald`, `file` and `none`.
#


@ -276,7 +276,7 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
storeOpts.GraphRoot = _defaultGraphRoot
}
c.graphRoot = storeOpts.GraphRoot
c.ImageCopyTmpDir = "/var/tmp"
c.ImageCopyTmpDir = getDefaultTmpDir()
c.StaticDir = filepath.Join(storeOpts.GraphRoot, "libpod")
c.VolumePath = filepath.Join(storeOpts.GraphRoot, "volumes")


@ -3,6 +3,7 @@ package config
import (
"fmt"
"io/ioutil"
"os"
"strconv"
"strings"
@ -48,3 +49,12 @@ func getDefaultProcessLimits() []string {
}
return defaultLimits
}
// getDefaultTmpDir for linux
func getDefaultTmpDir() string {
// first check the TMPDIR env var
if path, found := os.LookupEnv("TMPDIR"); found {
return path
}
return "/var/tmp"
}
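Review bot: getDefaultTmpDir returns whatever `TMPDIR` holds as soon as the variable exists, so `TMPDIR=` (set but empty) or a relative value becomes `ImageCopyTmpDir` unchanged. Guarding on the value keeps the `/var/tmp` fallback reachable: `if path, found := os.LookupEnv("TMPDIR"); found && path != "" {`. Since defaultConfigFromMemory assigns the result to `ImageCopyTmpDir`, it is also worth stating in the doc comment that the process environment now decides where image copies are staged. The same unguarded lookup appears in the other two getDefaultTmpDir variants on this page (`TMPDIR` in the non-Linux, non-Windows file and `TEMP` in the Windows file).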


@ -1,7 +1,10 @@
//go:build !linux && !windows
// +build !linux,!windows
package config
import "os"
// getDefaultMachineImage returns the default machine image stream
// On Linux/Mac, this returns the FCOS stream
func getDefaultMachineImage() string {
@ -22,3 +25,12 @@ func isCgroup2UnifiedMode() (isUnified bool, isUnifiedErr error) {
func getDefaultProcessLimits() []string {
return []string{}
}
// getDefaultTmpDir for linux
func getDefaultTmpDir() string {
// first check the TMPDIR env var
if path, found := os.LookupEnv("TMPDIR"); found {
return path
}
return "/var/tmp"
}
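Review bot: The comment `// getDefaultTmpDir for linux` was copied into a file constrained by `//go:build !linux && !windows`, so it names the wrong platform. Something like `// getDefaultTmpDir returns TMPDIR if it is set, otherwise /var/tmp (non-Linux, non-Windows builds).` would match the build constraint and describe the return value.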


@ -1,5 +1,7 @@
package config
import "os"
// getDefaultImage returns the default machine image stream
// On Windows this refers to the Fedora major release number
func getDefaultMachineImage() string {
@ -20,3 +22,13 @@ func isCgroup2UnifiedMode() (isUnified bool, isUnifiedErr error) {
func getDefaultProcessLimits() []string {
return []string{}
}
// getDefaultTmpDir for windows
func getDefaultTmpDir() string {
// first check the Temp env var
// https://answers.microsoft.com/en-us/windows/forum/all/where-is-the-temporary-folder/44a039a5-45ba-48dd-84db-fd700e54fd56
if val, ok := os.LookupEnv("TEMP"); ok {
return val
}
return os.Getenv("LOCALAPPDATA") + "\\Temp"
}
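Review bot: The Windows fallback `os.Getenv("LOCALAPPDATA") + "\\Temp"` produces the drive-relative path `\Temp` when `LOCALAPPDATA` is unset, because the result of `Getenv` is not checked before concatenation. Building the path with `filepath.Join` after confirming the variable is non-empty, or falling back to `os.TempDir()`, would avoid handing callers a directory that depends on the current drive. The file does not import `path/filepath` in the visible hunk, so the first option needs an import change.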


@ -1,3 +1,4 @@
//go:build !systemd || !cgo
// +build !systemd !cgo
package config


@ -1,3 +1,4 @@
//go:build systemd && cgo
// +build systemd,cgo
package config


@ -1,3 +1,4 @@
//go:build linux || darwin
// +build linux darwin
package parse


@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
package retry


@ -236,6 +236,7 @@ func DefaultProfile() *Seccomp {
"lstat64",
"madvise",
"mbind",
"membarrier",
"memfd_create",
"memfd_secret",
"mincore",
@ -249,6 +250,7 @@ func DefaultProfile() *Seccomp {
"mmap",
"mmap2",
"mount",
"mount_setattr",
"move_mount",
"mprotect",
"mq_getsetattr",
@ -293,6 +295,7 @@ func DefaultProfile() *Seccomp {
"preadv",
"preadv2",
"prlimit64",
"process_mrelease",
"pselect6",
"pselect6_time64",
"pwrite64",
@ -388,10 +391,15 @@ func DefaultProfile() *Seccomp {
"shmdt",
"shmget",
"shutdown",
"sigaction",
"sigaltstack",
"signal",
"signalfd",
"signalfd4",
"sigpending",
"sigprocmask",
"sigreturn",
"sigsuspend",
"socketcall",
"socketpair",
"splice",
@ -405,6 +413,7 @@ func DefaultProfile() *Seccomp {
"sync",
"sync_file_range",
"syncfs",
"syscall",
"sysinfo",
"syslog",
"tee",
@ -417,6 +426,7 @@ func DefaultProfile() *Seccomp {
"timer_gettime64",
"timer_settime",
"timer_settime64",
"timerfd",
"timerfd_create",
"timerfd_gettime",
"timerfd_gettime64",
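Review bot: `mount_setattr` is added beside `mount` and `move_mount` in a `Names` list whose `Action` and any capability condition lie outside these hunks, so the diff alone does not show whether the call is permitted unconditionally or only under a capability-gated rule. Because it changes mount properties, a comment naming the rule this list belongs to and the reason for each new entry (also `process_mrelease`, `syscall`, `timerfd` and the legacy `sig*` calls) would make this growth of the allowlist auditable. The same names are added to the JSON profile further down the page; a test asserting that the two lists stay identical would prevent them from drifting apart.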


@ -1,3 +1,4 @@
//go:build linux && seccomp
// +build linux,seccomp
package seccomp


@ -1,3 +1,4 @@
//go:build seccomp
// +build seccomp
// NOTE: this package has originally been copied from


@ -243,6 +243,7 @@
"lstat64",
"madvise",
"mbind",
"membarrier",
"memfd_create",
"memfd_secret",
"mincore",
@ -256,6 +257,7 @@
"mmap",
"mmap2",
"mount",
"mount_setattr",
"move_mount",
"mprotect",
"mq_getsetattr",
@ -300,6 +302,7 @@
"preadv",
"preadv2",
"prlimit64",
"process_mrelease",
"pselect6",
"pselect6_time64",
"pwrite64",
@ -395,10 +398,15 @@
"shmdt",
"shmget",
"shutdown",
"sigaction",
"sigaltstack",
"signal",
"signalfd",
"signalfd4",
"sigpending",
"sigprocmask",
"sigreturn",
"sigsuspend",
"socketcall",
"socketpair",
"splice",
@ -412,6 +420,7 @@
"sync",
"sync_file_range",
"syncfs",
"syscall",
"sysinfo",
"syslog",
"tee",
@ -424,6 +433,7 @@
"timer_gettime64",
"timer_settime",
"timer_settime64",
"timerfd",
"timerfd_create",
"timerfd_gettime",
"timerfd_gettime64",


@ -1,3 +1,4 @@
//go:build !linux || !seccomp
// +build !linux !seccomp
// SPDX-License-Identifier: Apache-2.0


@ -1,3 +1,4 @@
//go:build linux && seccomp
// +build linux,seccomp
package seccomp


@ -1,3 +1,4 @@
//go:build seccomp
// +build seccomp
package seccomp


@ -1,5 +1,5 @@
// +build linux
// +build !mips,!mipsle,!mips64,!mips64le
//go:build linux && !mips && !mipsle && !mips64 && !mips64le
// +build linux,!mips,!mipsle,!mips64,!mips64le
// Signal handling for Linux only.
package signal


@ -1,3 +1,4 @@
//go:build linux && (mips || mipsle || mips64 || mips64le)
// +build linux
// +build mips mipsle mips64 mips64le


@ -1,3 +1,4 @@
//go:build !linux
// +build !linux
// Signal handling for Linux only.


@ -1,3 +1,4 @@
//go:build !linux && !windows
// +build !linux,!windows
package sysinfo


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package sysinfo


@ -1,3 +1,4 @@
//go:build windows
// +build windows
package sysinfo


@ -1,3 +1,4 @@
//go:build linux
// +build linux
package sysinfo


@ -1,4 +1,5 @@
// +build windows, osx
//go:build (windows && ignore) || osx
// +build windows,ignore osx
package sysinfo
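Review bot: The generated `//go:build (windows && ignore) || osx` line mirrors the old malformed `// +build windows, osx`, so this file is compiled only when an `ignore` tag (on Windows) or an `osx` tag is passed explicitly; `osx` is not a GOOS value, Go uses `darwin`. If the file is meant to be excluded, `//go:build ignore` with a comment saying so would be clearer; if it is meant for Windows and macOS, the constraint should read `//go:build windows || darwin`. The intent is not visible on this page, so this needs confirming against the file's contents.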


@ -1,3 +1,4 @@
//go:build solaris && cgo
// +build solaris,cgo
package sysinfo


@ -1,3 +1,4 @@
//go:build !linux && !solaris && !windows
// +build !linux,!solaris,!windows
package sysinfo


@ -1,3 +1,4 @@
//go:build windows
// +build windows
package sysinfo


@ -1,3 +1,4 @@
//go:build linux || darwin
// +build linux darwin
package umask


@ -1,3 +1,4 @@
//go:build !linux && !darwin
// +build !linux,!darwin
package umask


@ -1,3 +1,4 @@
//go:build linux || darwin
// +build linux darwin
package util
@ -19,6 +20,12 @@ var (
rootlessRuntimeDir string
)
// isWriteableOnlyByOwner checks that the specified permission mask allows write
// access only to the owner.
func isWriteableOnlyByOwner(perm os.FileMode) bool {
return (perm & 0722) == 0700
}
// GetRuntimeDir returns the runtime directory
func GetRuntimeDir() (string, error) {
var rootlessRuntimeDirError error
@ -43,7 +50,7 @@ func GetRuntimeDir() (string, error) {
logrus.Debugf("unable to make temp dir: %v", err)
}
st, err := os.Stat(tmpDir)
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) {
runtimeDir = tmpDir
}
}
@ -53,7 +60,7 @@ func GetRuntimeDir() (string, error) {
logrus.Debugf("unable to make temp dir %v", err)
}
st, err := os.Stat(tmpDir)
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() == 0700 {
if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && isWriteableOnlyByOwner(st.Mode().Perm()) {
runtimeDir = tmpDir
}
}
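Review bot: isWriteableOnlyByOwner's mask `(perm & 0722) == 0700` also requires read, write and execute for the owner, and it accepts modes such as 0755 or 0750 that the previous `== 0700` comparison in GetRuntimeDir rejected. A runtime directory that other users can list and traverse is therefore accepted now, so files created inside it rely on their own permission bits for confidentiality. The doc comment should state this, e.g. `// It requires rwx for the owner and no write bit for group or other; group/other read and execute bits are ignored.` GetRuntimeDir continues outside the hunks.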


@ -1,3 +1,4 @@
//go:build windows
// +build windows
package util