fix the attach files issue

carmark · carmark · commit 74b70e6c4e5e · 2015-07-06T09:38:48.000+08:00
diff --git a/daemon/pod.go b/daemon/pod.go
@@ -462,13 +462,13 @@ func (daemon *Daemon) StartPod(podId, vmId, podArgs string) (int, string, error)
 					return -1, "", err
 				}
 			} else if storageDriver == "aufs" {
-				err := aufs.AttachFiles(c.Id, fromFile, targetPath, rootPath, f.Perm, uid, gid)
+				err := aufs.AttachFiles(c.Id, fromFile, targetPath, sharedDir, f.Perm, uid, gid)
 				if err != nil {
 					glog.Error("got error when attach files ", err.Error())
 					return -1, "", err
 				}
 			} else if storageDriver == "overlay" {
-				err := overlay.AttachFiles(c.Id, fromFile, targetPath, rootPath, f.Perm, uid, gid)
+				err := overlay.AttachFiles(c.Id, fromFile, targetPath, sharedDir, f.Perm, uid, gid)
 				if err != nil {
 					glog.Error("got error when attach files ", err.Error())
 					return -1, "", err
diff --git a/pod/pod.go b/pod/pod.go
@@ -8,6 +8,7 @@ import (
 	"io/ioutil"
 	"os"
 	"reflect"
+	"regexp"
 )
 
 // Pod Data Structure
@@ -172,7 +173,7 @@ func (pod *UserPod) Validate() error {
 			return errors.New("Files name does not unique")
 		}
 	}
-
+	var permReg = regexp.MustCompile("0[0-7]{3}")
 	for idx, container := range pod.Containers {
 
 		if uniq, _ := keySet(container.Volumes); !uniq {
@@ -187,6 +188,14 @@ func (pod *UserPod) Validate() error {
 			if _, ok := fset[f.Filename]; !ok {
 				return fmt.Errorf("in container %d, file %s does not exist in file list.", idx, f.Filename)
 			}
+			if f.Perm == "" {
+				f.Perm = "0755"
+			}
+			if f.Perm != "0" {
+				if !permReg.Match([]byte(f.Perm)) {
+					return fmt.Errorf("in container %d, the permission %s only accept Octal digital in string")
+				}
+			}
 		}
 
 		for _, v := range container.Volumes {
diff --git a/storage/aufs/aufs.go b/storage/aufs/aufs.go
@@ -65,10 +65,7 @@ func AttachFiles(containerId, fromFile, toDir, rootDir, perm, uid, gid string) e
 	if containerId == "" {
 		return fmt.Errorf("Please make sure the arguments are not NULL!\n")
 	}
-	permInt, err := strconv.Atoi(perm)
-	if err != nil {
-		return err
-	}
+	permInt := utils.ConvertPermStrToInt(perm)
 	// It just need the block device without copying any files
 	// FIXME whether we need to return an error if the target directory is null
 	if toDir == "" {
@@ -98,14 +95,10 @@ func AttachFiles(containerId, fromFile, toDir, rootDir, perm, uid, gid string) e
 	if err != nil {
 		return err
 	}
+
 	user_id, _ := strconv.Atoi(uid)
-	err = syscall.Setuid(user_id)
-	if err != nil {
-		return err
-	}
 	group_id, _ := strconv.Atoi(gid)
-	err = syscall.Setgid(group_id)
-	if err != nil {
+	if err = syscall.Chown(targetFile, user_id, group_id); err != nil {
 		return err
 	}
 
diff --git a/storage/devicemapper/dm.go b/storage/devicemapper/dm.go
@@ -145,14 +145,8 @@ func AttachFiles(containerId, devPrefix, fromFile, toDir, rootPath, perm, uid, g
 		return err
 	}
 	user_id, _ := strconv.Atoi(uid)
-	err = syscall.Setuid(user_id)
-	if err != nil {
-		syscall.Unmount(idMountPath, syscall.MNT_DETACH)
-		return err
-	}
 	group_id, _ := strconv.Atoi(gid)
-	err = syscall.Setgid(group_id)
-	if err != nil {
+	if err = syscall.Chown(targetFile, user_id, group_id); err != nil {
 		syscall.Unmount(idMountPath, syscall.MNT_DETACH)
 		return err
 	}
diff --git a/storage/overlay/overlay.go b/storage/overlay/overlay.go
@@ -41,10 +41,7 @@ func AttachFiles(containerId, fromFile, toDir, rootDir, perm, uid, gid string) e
 	if containerId == "" {
 		return fmt.Errorf("Please make sure the arguments are not NULL!\n")
 	}
-	permInt, err := strconv.Atoi(perm)
-	if err != nil {
-		return err
-	}
+	permInt := utils.ConvertPermStrToInt(perm)
 	// It just need the block device without copying any files
 	// FIXME whether we need to return an error if the target directory is null
 	if toDir == "" {
@@ -75,13 +72,8 @@ func AttachFiles(containerId, fromFile, toDir, rootDir, perm, uid, gid string) e
 		return err
 	}
 	user_id, _ := strconv.Atoi(uid)
-	err = syscall.Setuid(user_id)
-	if err != nil {
-		return err
-	}
 	group_id, _ := strconv.Atoi(gid)
-	err = syscall.Setgid(group_id)
-	if err != nil {
+	if err = syscall.Chown(targetFile, user_id, group_id); err != nil {
 		return err
 	}
 
diff --git a/utils/utils.go b/utils/utils.go
@@ -77,3 +77,28 @@ func FormatMountLabel(src, mountLabel string) string {
 	}
 	return src
 }
+
+func ConvertPermStrToInt(str string) int {
+	var res = 0
+	if str[0] == '0' {
+		if len(str) == 1 {
+			res = 0
+		} else if str[1] == 'x' {
+			// this is hex number
+			for i := 2; i < len(str); i++ {
+				res = res*16 + int(str[i]-'0')
+			}
+		} else {
+			// this is a octal number
+			for i := 1; i < len(str); i++ {
+				res = res*8 + int(str[i]-'0')
+			}
+		}
+	} else {
+		res, _ = strconv.Atoi(str)
+	}
+	if res > 511 {
+		res = 511
+	}
+	return res
+}

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@ import (`
`8`	`8`	`"io/ioutil"`
`9`	`9`	`"os"`
`10`	`10`	`"reflect"`
	`11`	`+ "regexp"`
`11`	`12`	`)`
`12`	`13`
`13`	`14`	`// Pod Data Structure`
`@@ -172,7 +173,7 @@ func (pod *UserPod) Validate() error {`
`172`	`173`	`return errors.New("Files name does not unique")`
`173`	`174`	`}`
`174`	`175`	`}`
`175`		`-`
	`176`	`+ var permReg = regexp.MustCompile("0[0-7]{3}")`
`176`	`177`	`for idx, container := range pod.Containers {`
`177`	`178`
`178`	`179`	`if uniq, _ := keySet(container.Volumes); !uniq {`
`@@ -187,6 +188,14 @@ func (pod *UserPod) Validate() error {`
`187`	`188`	`if _, ok := fset[f.Filename]; !ok {`
`188`	`189`	`return fmt.Errorf("in container %d, file %s does not exist in file list.", idx, f.Filename)`
`189`	`190`	`}`
	`191`	`+ if f.Perm == "" {`
	`192`	`+ f.Perm = "0755"`
	`193`	`+ }`
	`194`	`+ if f.Perm != "0" {`
	`195`	`+ if !permReg.Match([]byte(f.Perm)) {`
	`196`	`+ return fmt.Errorf("in container %d, the permission %s only accept Octal digital in string")`
	`197`	`+ }`
	`198`	`+ }`
`190`	`199`	`}`
`191`	`200`
`192`	`201`	`for _, v := range container.Volumes {`