Merge pull request #8212 from containers/dependabot/go_modules/github.com/containers/storage-1.23.8

Bump github.com/containers/storage from 1.23.7 to 1.23.8
This commit is contained in:
OpenShift Merge Robot
2020-11-02 13:23:03 +01:00
committed by GitHub
16 changed files with 109 additions and 46 deletions

2
go.mod
View File

@ -15,7 +15,7 @@ require (
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.7.0
github.com/containers/psgo v1.5.1
github.com/containers/storage v1.23.7
github.com/containers/storage v1.23.8
github.com/coreos/go-systemd/v22 v22.1.0
github.com/cri-o/ocicni v0.2.0
github.com/cyphar/filepath-securejoin v0.2.2

4
go.sum
View File

@ -101,6 +101,8 @@ github.com/containers/psgo v1.5.1/go.mod h1:2ubh0SsreMZjSXW1Hif58JrEcFudQyIy9EzP
github.com/containers/storage v1.23.6/go.mod h1:haFs0HRowKwyzvWEx9EgI3WsL8XCSnBDb5f8P5CAxJY=
github.com/containers/storage v1.23.7 h1:43ImvG/npvQSZXRjaudVvKISIuZSfI6qvtSNQQSGO/A=
github.com/containers/storage v1.23.7/go.mod h1:cUT2zHjtx+WlVri30obWmM2gpqpi8jfPsmIzP1TVpEI=
github.com/containers/storage v1.23.8 h1:Z3KKE9BkbW6CGOjIeTtvX+Dl9pFX8QgvSD2j/tS+r5E=
github.com/containers/storage v1.23.8/go.mod h1:3b2ktpB6pw53SEeIoFfO0sQfP9+IoJJKPq5iJk74gxE=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
github.com/coreos/go-iptables v0.4.5 h1:DpHb9vJrZQEFMcVLFKAAGMUVX0XoRC0ptCthinRYm38=
@ -305,6 +307,8 @@ github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQL
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.11.1 h1:bPb7nMRdOZYDrpPMTA3EInUQrdgoBinqUuSwlGdKDdE=
github.com/klauspost/compress v1.11.1/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ=
github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE=
github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=

View File

@ -1 +1 @@
1.23.7
1.23.8

View File

@ -50,22 +50,22 @@ func platformLChown(path string, info os.FileInfo, toHost, toContainer *idtools.
if uid != int(st.Uid) || gid != int(st.Gid) {
cap, err := system.Lgetxattr(path, "security.capability")
if err != nil && err != system.ErrNotSupportedPlatform {
return fmt.Errorf("%s: Lgetxattr(%q): %v", os.Args[0], path, err)
return fmt.Errorf("%s: %v", os.Args[0], err)
}
// Make the change.
if err := os.Lchown(path, uid, gid); err != nil {
return fmt.Errorf("%s: chown(%q): %v", os.Args[0], path, err)
if err := system.Lchown(path, uid, gid); err != nil {
return fmt.Errorf("%s: %v", os.Args[0], err)
}
// Restore the SUID and SGID bits if they were originally set.
if (info.Mode()&os.ModeSymlink == 0) && info.Mode()&(os.ModeSetuid|os.ModeSetgid) != 0 {
if err := os.Chmod(path, info.Mode()); err != nil {
return fmt.Errorf("%s: chmod(%q): %v", os.Args[0], path, err)
if err := system.Chmod(path, info.Mode()); err != nil {
return fmt.Errorf("%s: %v", os.Args[0], err)
}
}
if cap != nil {
if err := system.Lsetxattr(path, "security.capability", cap, 0); err != nil {
return fmt.Errorf("%s: Lsetxattr(%q): %v", os.Args[0], path, err)
return fmt.Errorf("%s: %v", os.Args[0], err)
}
}

View File

@ -12,6 +12,7 @@ package copy
import "C"
import (
"container/list"
"errors"
"fmt"
"io"
"os"
@ -98,7 +99,7 @@ func legacyCopy(srcFile io.Reader, dstFile io.Writer) error {
func copyXattr(srcPath, dstPath, attr string) error {
data, err := system.Lgetxattr(srcPath, attr)
if err != nil && err != unix.EOPNOTSUPP {
if err != nil && !errors.Is(err, unix.EOPNOTSUPP) {
return err
}
if data != nil {
@ -269,7 +270,7 @@ func doCopyXattrs(srcPath, dstPath string) error {
}
xattrs, err := system.Llistxattr(srcPath)
if err != nil && err != unix.EOPNOTSUPP {
if err != nil && !errors.Is(err, unix.EOPNOTSUPP) {
return err
}

View File

@ -42,6 +42,8 @@ var (
untar = chrootarchive.UntarUncompressed
)
const defaultPerms = os.FileMode(0555)
// This backend uses the overlay union filesystem for containers
// with diff directories for each layer.
@ -571,15 +573,17 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr
if err := idtools.MkdirAllAs(path.Dir(dir), 0700, rootUID, rootGID); err != nil {
return err
}
perms := defaultPerms
if parent != "" {
st, err := system.Stat(d.dir(parent))
if err != nil {
return err
}
perms = os.FileMode(st.Mode())
rootUID = int(st.UID())
rootGID = int(st.GID())
}
if err := idtools.MkdirAs(dir, 0700, rootUID, rootGID); err != nil {
if err := idtools.MkdirAs(dir, perms, rootUID, rootGID); err != nil {
return err
}
@ -604,7 +608,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr
}
}
if err := idtools.MkdirAs(path.Join(dir, "diff"), 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAs(path.Join(dir, "diff"), perms, rootUID, rootGID); err != nil {
return err
}
@ -847,7 +851,11 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO
return "", err
}
diffN := 1
_, err = os.Stat(filepath.Join(dir, nameWithSuffix("diff", diffN)))
perms := defaultPerms
st, err := os.Stat(filepath.Join(dir, nameWithSuffix("diff", diffN)))
if err == nil {
perms = os.FileMode(st.Mode())
}
for err == nil {
absLowers = append(absLowers, filepath.Join(dir, nameWithSuffix("diff", diffN)))
relLowers = append(relLowers, dumbJoin(string(link), "..", nameWithSuffix("diff", diffN)))
@ -908,7 +916,7 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO
return "", err
}
diffDir := path.Join(dir, "diff")
if err := idtools.MkdirAllAs(diffDir, 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAllAs(diffDir, perms, rootUID, rootGID); err != nil {
return "", err
}
@ -1241,11 +1249,16 @@ func (d *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMapp
// Rotate the diff directories.
i := 0
_, err = os.Stat(nameWithSuffix(diffDir, i))
perms := defaultPerms
st, err := os.Stat(nameWithSuffix(diffDir, i))
if err == nil {
perms = os.FileMode(st.Mode())
}
for err == nil {
i++
_, err = os.Stat(nameWithSuffix(diffDir, i))
}
for i > 0 {
err = os.Rename(nameWithSuffix(diffDir, i-1), nameWithSuffix(diffDir, i))
if err != nil {
@ -1258,13 +1271,13 @@ func (d *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMapp
// to the old upper layer in the index.
workDir := filepath.Join(dir, "work")
if err := os.RemoveAll(workDir); err == nil {
if err := idtools.MkdirAs(workDir, 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAs(workDir, defaultPerms, rootUID, rootGID); err != nil {
return err
}
}
// Re-create the directory that we're going to use as the upper layer.
if err := idtools.MkdirAs(diffDir, 0755, rootUID, rootGID); err != nil {
if err := idtools.MkdirAs(diffDir, perms, rootUID, rootGID); err != nil {
return err
}
return nil

View File

@ -8,7 +8,7 @@ require (
github.com/Microsoft/hcsshim v0.8.9
github.com/docker/go-units v0.4.0
github.com/hashicorp/go-multierror v1.1.0
github.com/klauspost/compress v1.11.1
github.com/klauspost/compress v1.11.2
github.com/klauspost/pgzip v1.2.5
github.com/mattn/go-shellwords v1.0.10
github.com/mistifyio/go-zfs v2.1.1+incompatible

View File

@ -62,8 +62,8 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.11.1 h1:bPb7nMRdOZYDrpPMTA3EInUQrdgoBinqUuSwlGdKDdE=
github.com/klauspost/compress v1.11.1/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ=
github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE=
github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=

View File

@ -1329,6 +1329,7 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
if err != nil {
return -1, err
}
defer uncompressed.Close()
uncompressedDigest := digest.Canonical.Digester()
uncompressedCounter := ioutils.NewWriteCounter(uncompressedDigest.Hash())
uidLog := make(map[uint32]struct{})

View File

@ -139,6 +139,7 @@ func IsArchivePath(path string) bool {
if err != nil {
return false
}
defer rdr.Close()
r := tar.NewReader(rdr)
_, err = r.Next()
return err == nil
@ -398,7 +399,7 @@ func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error {
}
for _, xattr := range []string{"security.capability", "security.ima"} {
capability, err := system.Lgetxattr(path, xattr)
if err != nil && err != system.EOPNOTSUPP && err != system.ErrNotSupportedPlatform {
if err != nil && !errors.Is(err, system.EOPNOTSUPP) && err != system.ErrNotSupportedPlatform {
return errors.Wrapf(err, "failed to read %q attribute from %q", xattr, path)
}
if capability != nil {
@ -411,17 +412,17 @@ func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error {
// ReadUserXattrToTarHeader reads user.* xattr from filesystem to a tar header
func ReadUserXattrToTarHeader(path string, hdr *tar.Header) error {
xattrs, err := system.Llistxattr(path)
if err != nil && err != system.EOPNOTSUPP && err != system.ErrNotSupportedPlatform {
if err != nil && !errors.Is(err, system.EOPNOTSUPP) && err != system.ErrNotSupportedPlatform {
return err
}
for _, key := range xattrs {
if strings.HasPrefix(key, "user.") {
value, err := system.Lgetxattr(path, key)
if err == system.E2BIG {
logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", path, key)
continue
}
if err != nil {
if errors.Is(err, system.E2BIG) {
logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", path, key)
continue
}
return err
}
if hdr.Xattrs == nil {
@ -724,16 +725,16 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, L
}
}
var errors []string
var errs []string
for key, value := range hdr.Xattrs {
if err := system.Lsetxattr(path, key, []byte(value), 0); err != nil {
if err == syscall.ENOTSUP || (err == syscall.EPERM && inUserns) {
if errors.Is(err, syscall.ENOTSUP) || (inUserns && errors.Is(err, syscall.EPERM)) {
// We ignore errors here because not all graphdrivers support
// xattrs *cough* old versions of AUFS *cough*. However only
// ENOTSUP should be emitted in that case, otherwise we still
// bail. We also ignore EPERM errors if we are running in a
// user namespace.
errors = append(errors, err.Error())
errs = append(errs, err.Error())
continue
}
return err
@ -741,9 +742,9 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, L
}
if len(errors) > 0 {
if len(errs) > 0 {
logrus.WithFields(logrus.Fields{
"errors": errors,
"errors": errs,
}).Warn("ignored xattrs in archive: underlying filesystem doesn't support them")
}

View File

@ -2,6 +2,7 @@ package archive
import (
"bytes"
"errors"
"fmt"
"os"
"path/filepath"
@ -86,21 +87,21 @@ func walkchunk(path string, fi os.FileInfo, dir string, root *FileInfo) error {
}
info.stat = stat
info.capability, err = system.Lgetxattr(cpath, "security.capability") // lgetxattr(2): fs access
if err != nil && err != system.EOPNOTSUPP {
if err != nil && !errors.Is(err, system.EOPNOTSUPP) {
return err
}
xattrs, err := system.Llistxattr(cpath)
if err != nil && err != system.EOPNOTSUPP {
if err != nil && !errors.Is(err, system.EOPNOTSUPP) {
return err
}
for _, key := range xattrs {
if strings.HasPrefix(key, "user.") {
value, err := system.Lgetxattr(cpath, key)
if err == system.E2BIG {
logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", cpath, key)
continue
}
if err != nil {
if errors.Is(err, system.E2BIG) {
logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", cpath, key)
continue
}
return err
}
if info.xattrs == nil {

View File

@ -0,0 +1,17 @@
package system
import (
"errors"
"os"
"syscall"
)
func Chmod(name string, mode os.FileMode) error {
err := os.Chmod(name, mode)
for err != nil && errors.Is(err, syscall.EINTR) {
err = os.Chmod(name, mode)
}
return err
}

View File

@ -0,0 +1,20 @@
package system
import (
"os"
"syscall"
)
func Lchown(name string, uid, gid int) error {
err := syscall.Lchown(name, uid, gid)
for err == syscall.EINTR {
err = syscall.Lchown(name, uid, gid)
}
if err != nil {
return &os.PathError{Op: "lchown", Path: name, Err: err}
}
return nil
}

View File

@ -2,6 +2,7 @@ package system
import (
"bytes"
"os"
"golang.org/x/sys/unix"
)
@ -26,7 +27,7 @@ func Lgetxattr(path string, attr string) ([]byte, error) {
// Buffer too small, use zero-sized buffer to get the actual size
sz, errno = unix.Lgetxattr(path, attr, []byte{})
if errno != nil {
return nil, errno
return nil, &os.PathError{Op: "lgetxattr", Path: path, Err: errno}
}
dest = make([]byte, sz)
sz, errno = unix.Lgetxattr(path, attr, dest)
@ -36,7 +37,7 @@ func Lgetxattr(path string, attr string) ([]byte, error) {
case errno == unix.ENODATA:
return nil, nil
case errno != nil:
return nil, errno
return nil, &os.PathError{Op: "lgetxattr", Path: path, Err: errno}
}
return dest[:sz], nil
@ -45,7 +46,11 @@ func Lgetxattr(path string, attr string) ([]byte, error) {
// Lsetxattr sets the value of the extended attribute identified by attr
// and associated with the given path in the file system.
func Lsetxattr(path string, attr string, data []byte, flags int) error {
return unix.Lsetxattr(path, attr, data, flags)
if err := unix.Lsetxattr(path, attr, data, flags); err != nil {
return &os.PathError{Op: "lsetxattr", Path: path, Err: err}
}
return nil
}
// Llistxattr lists extended attributes associated with the given path
@ -58,14 +63,14 @@ func Llistxattr(path string) ([]string, error) {
// Buffer too small, use zero-sized buffer to get the actual size
sz, errno = unix.Llistxattr(path, []byte{})
if errno != nil {
return nil, errno
return nil, &os.PathError{Op: "llistxattr", Path: path, Err: errno}
}
dest = make([]byte, sz)
sz, errno = unix.Llistxattr(path, dest)
}
if errno != nil {
return nil, errno
return nil, &os.PathError{Op: "llistxattr", Path: path, Err: errno}
}
var attrs []string

View File

@ -251,14 +251,14 @@ For streaming use a simple setup could look like this:
import "github.com/klauspost/compress/zstd"
func Decompress(in io.Reader, out io.Writer) error {
d, err := zstd.NewReader(input)
d, err := zstd.NewReader(in)
if err != nil {
return err
}
defer d.Close()
// Copy content...
_, err := io.Copy(out, d)
_, err = io.Copy(out, d)
return err
}
```

4
vendor/modules.txt vendored
View File

@ -166,7 +166,7 @@ github.com/containers/psgo/internal/dev
github.com/containers/psgo/internal/host
github.com/containers/psgo/internal/proc
github.com/containers/psgo/internal/process
# github.com/containers/storage v1.23.7
# github.com/containers/storage v1.23.8
github.com/containers/storage
github.com/containers/storage/drivers
github.com/containers/storage/drivers/aufs
@ -334,7 +334,7 @@ github.com/inconshreveable/mousetrap
github.com/ishidawataru/sctp
# github.com/json-iterator/go v1.1.10
github.com/json-iterator/go
# github.com/klauspost/compress v1.11.1
# github.com/klauspost/compress v1.11.2
github.com/klauspost/compress/flate
github.com/klauspost/compress/fse
github.com/klauspost/compress/huff0