Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.28] copier.Put(): clear up os/syscall mode bit confusion and bump to v1.28.1 #4428

Merged
merged 3 commits into from Nov 21, 2022
Merged

[release-1.28] copier.Put(): clear up os/syscall mode bit confusion and bump to v1.28.1 #4428

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
6bc044d
retrofit, test: ubi8 changed architecture string
flouthoc Nov 19, 2022
ff08605
copier.Put(): clear up os/syscall mode bit confusion
nalind Nov 9, 2022
9136e86
version: bump to v1.28.1
flouthoc Nov 19, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Expand Up @@ -2,6 +2,10 @@

# Changelog

## v1.28.1 (2022-11-19)

copier.Put(): clear up os/syscall mode bit confusion

## v1.28.0 (2022-09-30)

Update vendor containers/(common,image)
Expand Down
3 changes: 3 additions & 0 deletions changelog.txt
View file
Open in desktop
@@ -1,3 +1,6 @@
- Changelog for v1.28.1 (2022-11-19)
* copier.Put(): clear up os/syscall mode bit confusion

- Changelog for v1.28.0 (2022-09-30)
* Update vendor containers/(common,image)
* [CI:DOCS] Add quay-description update reminder
Expand Down
27 changes: 16 additions & 11 deletions copier/copier.go
View file
Open in desktop
Expand Up @@ -1566,15 +1566,15 @@ func copierHandlerPut(bulkReader io.Reader, req request, idMappings *idtools.IDM
return nil
}
makeDirectoryWriteable := func(directory string) error {
st, err := os.Lstat(directory)
if err != nil {
return fmt.Errorf("copier: put: error reading permissions of directory %q: %w", directory, err)
}
mode := st.Mode() & os.ModePerm
if _, ok := directoryModes[directory]; !ok {
st, err := os.Lstat(directory)
if err != nil {
return fmt.Errorf("copier: put: error reading permissions of directory %q: %w", directory, err)
}
mode := st.Mode()
directoryModes[directory] = mode
}
if err = os.Chmod(directory, 0o700); err != nil {
if err := os.Chmod(directory, 0o700); err != nil {
return fmt.Errorf("copier: put: error making directory %q writable: %w", directory, err)
}
return nil
Expand Down Expand Up @@ -1862,16 +1862,21 @@ func copierHandlerPut(bulkReader io.Reader, req request, idMappings *idtools.IDM
// set other bits that might have been reset by chown()
if hdr.Typeflag != tar.TypeSymlink {
if hdr.Mode&cISUID == cISUID {
mode |= syscall.S_ISUID
mode |= os.ModeSetuid
}
if hdr.Mode&cISGID == cISGID {
mode |= syscall.S_ISGID
mode |= os.ModeSetgid
}
if hdr.Mode&cISVTX == cISVTX {
mode |= syscall.S_ISVTX
mode |= os.ModeSticky
}
if hdr.Typeflag == tar.TypeDir {
// if/when we do the final setting of permissions on this
// directory, make sure to incorporate these bits, too
directoryModes[path] = mode
}
if err = syscall.Chmod(path, uint32(mode)); err != nil {
return fmt.Errorf("setting additional permissions on %q to 0%o: %w", path, mode, err)
if err = os.Chmod(path, mode); err != nil {
return fmt.Errorf("copier: put: setting additional permissions on %q to 0%o: %w", path, mode, err)
}
}
// set xattrs, including some that might have been reset by chown()
Expand Down
2 changes: 1 addition & 1 deletion define/types.go
View file
Open in desktop
Expand Up @@ -30,7 +30,7 @@ const (
Package = "buildah"
// Version for the Package. Bump version in contrib/rpm/buildah.spec
// too.
Version = "1.28.0"
Version = "1.28.1"

// DefaultRuntime if containers.conf fails.
DefaultRuntime = "runc"
Expand Down
2 changes: 1 addition & 1 deletion tests/bud.bats
View file
Open in desktop
Expand Up @@ -4110,7 +4110,7 @@ _EOF
run_buildah tag image-amd localhost/ubi8-minimal
run_buildah build -f Containerfile --pull=false -q --arch=arm64 -t image-arm $WITH_POLICY_JSON ${mytmpdir}
run_buildah inspect --format '{{ index .Docker.Config.Labels "architecture" }}' image-arm
expect_output --substring arm64
expect_output --substring aarch64

run_buildah inspect --format '{{ .FromImageID }}' image-arm
fromiid=$output
Expand Down
36 changes: 36 additions & 0 deletions tests/conformance/conformance_test.go
View file
Open in desktop
Expand Up @@ -1863,6 +1863,42 @@ var internalTestCases = []testCase{
if _, err = io.Copy(tw, bytes.NewReader([]byte("whatever"))); err != nil {
return fmt.Errorf("writing tar archive content: %w", err)
}
hdr = tar.Header{
Name: "setuid-dir",
Uid: 0,
Gid: 0,
Typeflag: tar.TypeDir,
Size: 0,
Mode: cISUID | 0755,
ModTime: testDate,
}
if err = tw.WriteHeader(&hdr); err != nil {
return fmt.Errorf("error writing tar archive header: %w", err)
}
hdr = tar.Header{
Name: "setgid-dir",
Uid: 0,
Gid: 0,
Typeflag: tar.TypeDir,
Size: 0,
Mode: cISGID | 0755,
ModTime: testDate,
}
if err = tw.WriteHeader(&hdr); err != nil {
return fmt.Errorf("error writing tar archive header: %w", err)
}
hdr = tar.Header{
Name: "sticky-dir",
Uid: 0,
Gid: 0,
Typeflag: tar.TypeDir,
Size: 0,
Mode: cISVTX | 0755,
ModTime: testDate,
}
if err = tw.WriteHeader(&hdr); err != nil {
return fmt.Errorf("error writing tar archive header: %w", err)
}
return nil
},
},
Expand Down