Commit graph

76 commits

Author SHA1 Message Date
Vincent Demeester
120a4b0276 Merge pull request #23912 from dmcgowan/fix-overlay2-whiteout-exclusion
Fix overlay2 ignoring whiteout files
2016-06-24 01:06:38 +02:00
Derek McGowan
c880caae4e Fix overlay2 ignoring whiteout files
Currently when overlay creates a whiteout file then the overlay2 layer is archived,
the correct tar header will be created for the whiteout file, but the tar logic will then attempt to open the file causing a failure.
When tar encounters such failures the file is skipped and excluded for the archive, causing the whiteout to be ignored.
By skipping the copy of empty files, no open attempt will be made on whiteout files.

Fixes #23863

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-06-23 13:34:38 -07:00
bin liu
53ce0aa26a fix some typos
Signed-off-by: bin liu <liubin0329@gmail.com>
2016-06-21 15:29:25 +08:00
Michael Crosby
14c99e5f48 Merge pull request #22126 from dmcgowan/overlay-native-diff
Overlay multiple lower directory support
2016-06-13 13:15:39 -07:00
Yong Tang
85fa96aa57 Fix logrus formatting
This fix tries to fix logrus formatting by removing `f` from
`logrus.[Error|Warn|Debug|Fatal|Panic|Info]f` when formatting string
is not present.

This fix fixes #23459.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-06-11 13:16:55 -07:00
Aleksa Sarai
e24aa430f9 pkg: archive: only ignore ENOTSUP when xattr fails
There might be other (valid) reasons for setxattr(2) to fail, so only
ignore it when it's a not supported error (ENOTSUP). Otherwise, bail.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-06-10 00:56:40 +10:00
Derek McGowan
9bb13f8f51 Update archive package to support overlay whiteouts
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-06-08 00:10:16 -07:00
Viktor Stanchev
60dbea6c25 aufs compatibility
Signed-off-by: Viktor Stanchev <me@viktorstanchev.com>
2016-06-08 00:10:16 -07:00
allencloud
a658947af4 fix typos
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-05-06 18:23:11 +08:00
Alexander Morozov
f1b04a89ef pkg/archive: use more narrow interface for CompressStream
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2016-04-07 13:21:05 -07:00
Tõnis Tiigi
d70faf86e8 Merge pull request #21251 from cyphar/refactor-copyonbuild
pkg: archive: don't fail Untar if xattrs are not supported
2016-03-28 16:15:18 -07:00
Dmitri Logvinenko
8dedfa664d Fix misspellings
Signed-off-by: Dmitri Logvinenko <dmitri.logvinenko@gmail.com>
2016-03-28 16:21:02 +03:00
Aleksa Sarai
ade216b378 pkg: archive: don't fail Untar if xattrs are not supported
Since certain filesystems don't support extended attributes, ignore
errors produced (emitting a warning) when attempting to apply extended
attributes to file.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-03-24 02:05:36 +11:00
Phil Estes
ac445a24e8 Fix CopyWithTar creation of new destination dir as remapped root
If the destination does not exist, it needs to be created with ownership
mapping to the remapped uid/gid ranges if user namespaces are enabled.
This fixes ADD operations, similar to the prior fixes for COPY and WORKDIR.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-03-12 23:05:45 -05:00
Doug Davis
f7e2d23879 Optimize .dockerignore when there are exclusions
Closes #20470

Before this PR we used to scan the entire build context when there were
exclusions in the .dockerignore file (paths that started with !). Now we
only traverse into subdirs when one of the exclusions starts with that dir
path.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2016-03-03 05:46:24 -08:00
Sebastiaan van Stijn
3a366b1f39 Merge pull request #20782 from estesp/new-parent-dir-ownership
Fix ownership of non-existing parent dir
2016-03-01 01:45:38 +01:00
Phil Estes
b4ec7f5b23 Fix ownership of non-existing parent dir
During "COPY" or other tar unpack operations, a target/destination
parent dir might not exist and should be created with ownership of the
root in the right context (including remapped root when user namespaces
are enabled)

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2016-02-29 09:14:23 -05:00
Zhang Wei
4e36d1a593 Clean redundant error message for export
When execute `docker export -o path xxx` and path is a directory docker
has no privilege to write to, daemon will print lots of error logs that
most of them are duplicated and redundant.

This will remove unnecessary error logs and print only once.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
2016-02-19 18:50:11 +08:00
Justas Brazauskas
244162287a Fix typos found across repository
Signed-off-by: Justas Brazauskas <brazauskasjustas@gmail.com>
2015-12-13 18:04:12 +02:00
Phil Estes
aa06163678 Skip aufs whiteout files on userns translation to container
aufs kernel module creates whiteout files on upper layer delete (and
other situations) and those files already are 'translated' regarding
ownership in host terms (e.g. they are already "0:0" owned), so when
these layers are copied around with pkg/archive we don't want to try and
translate these files regarding ownership.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2015-12-09 10:11:32 -05:00
Tibor Vass
cf5299f8bc Merge pull request #18123 from aidanhs/aphs-fail-on-broken-tar
Ensure adding a broken tar doesn't silently fail
2015-12-07 14:38:21 +01:00
Doug Davis
baafebd598 Fix for zero-sized layers
Moved a defer up to a better spot.

Fixed TestUntarPathWithInvalidDest to actually fail for the right reason

Closes #18170

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-11-25 18:02:03 -08:00
Aidan Hobson Sayers
12fc11efd0 Ensure adding a broken tar doesn't silently fail
Signed-off-by: Aidan Hobson Sayers <aidanhs@cantab.net>
2015-11-23 14:18:58 +00:00
Stefan J. Wernli
9e0fb3e0c7 Fixing last access time on Windows to unblock python.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-11-05 12:15:18 -08:00
Jess Frazelle
a45713d529 Merge pull request #17088 from Microsoft/sjw/archive_hang_fix
Fixing hang in archive.CopyFileWithTar with invalid dst
2015-10-19 17:18:25 -07:00
Stefan J. Wernli
f05813a1ea Fixing hang in archive.CopyWithTar with invalid dst
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-10-19 11:56:05 -07:00
Dmitry Vorobev
f6ec5ae6ee Fixes #9283. Consider hardlinks in image size.
Based on #8984. This patch fixes behavior when image size calculation
didn't consider hardlinks.

Signed-off-by: Dmitry Vorobev <dimahabr@gmail.com>
2015-10-17 12:24:05 +02:00
Derek Ch
c45a95b9c0 fix a race crash when building with "ADD some-broken.tar.xz ..."
The race is between pools.Put which calls buf.Reset and exec.Cmd
doing io.Copy from the buffer; it caused a runtime crash, as
described in #16924:

``` docker-daemon cat the-tarball.xz | xz -d -c -q | docker-untar /path/to/... (aufs ) ```

When docker-untar side fails (like try to set xattr on aufs, or a broken
tar), invokeUnpack will be responsible to exhaust all input, otherwise
`xz` will be write pending for ever.

this change add a receive only channel to cmdStream, and will close it
to notify it's now safe to close the input stream;

in CmdStream the change to use Stdin / Stdout / Stderr keeps the
code simple, os/exec.Cmd will spawn goroutines and call io.Copy automatically.

the CmdStream is actually called in the same file only, change it
lowercase to mark as private.

[...]
INFO[0000] Docker daemon                                 commit=0a8c2e3 execdriver=native-0.2 graphdriver=aufs version=1.8.2

DEBU[0006] Calling POST /build
INFO[0006] POST /v1.20/build?cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&memory=0&memswap=0&rm=1&t=gentoo-x32&ulimits=null
DEBU[0008] [BUILDER] Cache miss
DEBU[0009] Couldn't untar /home/lib-docker-v1.8.2-tmp/tmp/docker-build316710953/stage3-x32-20151004.tar.xz to /home/lib-docker-v1.8.2-tmp/aufs/mnt/d909abb87150463939c13e8a349b889a72d9b14f0cfcab42a8711979be285537: Untar re-exec error: exit status 1: output: operation not supported
DEBU[0009] CopyFileWithTar(/home/lib-docker-v1.8.2-tmp/tmp/docker-build316710953/stage3-x32-20151004.tar.xz, /home/lib-docker-v1.8.2-tmp/aufs/mnt/d909abb87150463939c13e8a349b889a72d9b14f0cfcab42a8711979be285537/)
panic: runtime error: slice bounds out of range

goroutine 42 [running]:
bufio.(*Reader).fill(0xc208187800)
    /usr/local/go/src/bufio/bufio.go:86 +0x2db
bufio.(*Reader).WriteTo(0xc208187800, 0x7ff39602d150, 0xc2083f11a0, 0x508000, 0x0, 0x0)
    /usr/local/go/src/bufio/bufio.go:449 +0x27e
io.Copy(0x7ff39602d150, 0xc2083f11a0, 0x7ff3960261f8, 0xc208187800, 0x0, 0x0, 0x0)
    /usr/local/go/src/io/io.go:354 +0xb2
github.com/docker/docker/pkg/archive.func·006()
    /go/src/github.com/docker/docker/pkg/archive/archive.go:817 +0x71
created by github.com/docker/docker/pkg/archive.CmdStream
    /go/src/github.com/docker/docker/pkg/archive/archive.go:819 +0x1ec

goroutine 1 [chan receive]:
main.(*DaemonCli).CmdDaemon(0xc20809da30, 0xc20800a020, 0xd, 0xd, 0x0, 0x0)
    /go/src/github.com/docker/docker/docker/daemon.go:289 +0x1781
reflect.callMethod(0xc208140090, 0xc20828fce0)
    /usr/local/go/src/reflect/value.go:605 +0x179
reflect.methodValueCall(0xc20800a020, 0xd, 0xd, 0x1, 0xc208140090, 0x0, 0x0, 0xc208140090, 0x0, 0x45343f, ...)
    /usr/local/go/src/reflect/asm_amd64.s:29 +0x36
github.com/docker/docker/cli.(*Cli).Run(0xc208129fb0, 0xc20800a010, 0xe, 0xe, 0x0, 0x0)
    /go/src/github.com/docker/docker/cli/cli.go:89 +0x38e
main.main()
    /go/src/github.com/docker/docker/docker/docker.go:69 +0x428

goroutine 5 [syscall]:
os/signal.loop()
    /usr/local/go/src/os/signal/signal_unix.go:21 +0x1f
created by os/signal.init·1
    /usr/local/go/src/os/signal/signal_unix.go:27 +0x35

Signed-off-by: Derek Ch <denc716@gmail.com>
2015-10-13 15:58:06 -07:00
Phil Estes
e118299052 Add user namespace (mapping) support to the Docker engine
Adds support for the daemon to handle user namespace maps as a
per-daemon setting.

Support for handling uid/gid mapping is added to the builder,
archive/unarchive packages and functions, all graphdrivers (except
Windows), and the test suite is updated to handle user namespace daemon
rootgraph changes.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
2015-10-09 17:47:37 -04:00
Darren Stahl
c7478a100c Fixed file modified time not changing on Windows
Signed-off-by: Darren Stahl <darst@microsoft.com>
2015-10-01 10:45:32 -07:00
Stefan J. Wernli
1c1d0c5f6f Fixing Tar functions to support Windows long paths.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
2015-08-11 16:07:36 -07:00
Lei Jitang
fb58e0d9c2 Enable golint in pkg/arcive
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-08-04 09:52:54 +08:00
Tibor Vass
352f58a5e2 Merge pull request #15146 from kolyshkin/mkdirall
Simplify and fix MkdirAll usage
2015-07-30 22:40:57 -04:00
Josh Hawn
bd8af5b419 Fix docker cp Behavior With Symlinks
[pkg/archive] Update archive/copy path handling

  - Remove unused TarOptions.Name field.
  - Add new TarOptions.RebaseNames field.
  - Update some of the logic around path dir/base splitting.
  - Update some of the logic behind archive entry name rebasing.

[api/types] Add LinkTarget field to PathStat

[daemon] Fix stat, archive, extract of symlinks

  These operations *should* resolve symlinks that are in the path but if the
  resource itself is a symlink then it *should not* be resolved. This patch
  puts this logic into a common function `resolvePath` which resolves symlinks
  of the path's dir in scope of the container rootfs but does not resolve the
  final element of the path. Now archive, extract, and stat operations will
  return symlinks if the path is indeed a symlink.

[api/client] Update cp path hanling

[docs/reference/api] Update description of stat

  Add the linkTarget field to the header of the archive endpoint.
  Remove path field.

[integration-cli] Fix/Add cp symlink test cases

  Copying a symlink should do just that: copy the symlink NOT
  copy the target of the symlink. Also, the resulting file from
  the copy should have the name of the symlink NOT the name of
  the target file.

  Copying to a symlink should copy to the symlink target and not
  modify the symlink itself.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-07-30 12:14:28 -07:00
Kir Kolyshkin
fe45bb6d4d Simplify and fix os.MkdirAll() usage
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.

Quoting MkdirAll documentation:

> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.

This means two things:

1. If a directory to be created already exists, no error is returned.

2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.

The above is a theory, based on quoted documentation and my UNIX
knowledge.

3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in #2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.

Because of #1, IsExist check after MkdirAll is not needed.

Because of #2 and #3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.

Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.

[v2: a separate aufs commit is merged into this one]

[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
2015-07-30 11:48:08 -07:00
Vincent Batts
f0512440f7 archive, chrootarchive: split out decompression
In `ApplyLayer` and `Untar`, the stream is magically decompressed. Since
this is not able to be toggled, rather than break this ./pkg/ API, add
an `ApplyUncompressedLayer` and `UntarUncompressed` that does not
magically decompress the layer stream.

Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-07-28 16:36:38 -04:00
Josh Hawn
33cd39caf0 pkg/archive: new utilities for copying resources
Adds TarResource and CopyTo functions to be used for creating
archives for use with the new `docker cp` behavior.

Adds multiple test cases for the CopyFrom and CopyTo
functions in the pkg/archive package.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-07-21 11:03:25 -07:00
Alexander Morozov
a3941cab07 Fix some formatting calls
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-15 12:25:50 -07:00
John Howard
65cbc7cb25 Windows: Docker build starting to work
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-06-17 10:41:28 -07:00
John Howard
f883e81d79 Windows: Archive package changes for Windows daemon
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-05-20 08:55:54 -07:00
Jessie Frazelle
c754d1e989 Merge pull request #13059 from burke/no-fsync-on-temp-archive
Remove fsync in archive.NewTempArchive
2015-05-07 16:16:52 -07:00
Burke Libbey
a080d36f70 Remove Sync() call in NewTempArchive:
This makes the "Buffering to disk" part of `docker push` 70% faster in
my use-case (having already applied #12833).

fsync'ing here serves no valuable purpose: if the drive's operation is
interrupted, so it the program's, and this archive has no value other
than the immediate and transient one.

Signed-off-by: Burke Libbey <burke.libbey@shopify.com>
2015-05-07 12:58:12 -04:00
Tianon Gravi
d05398f1e9 Finally remove our copy of "archive/tar" now that Go 1.4 is the minimum!
IT'S ABOUT TIME. 🎉

Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
2015-05-01 16:01:10 -06:00
buddhamagnet
c09e1131bc add support for exclusion rules in dockerignore
Signed-off-by: Dave Goodchild <buddhamagnet@gmail.com>
2015-04-28 18:56:45 +01:00
Vincent Demeester
2fd964cc1d Add test on archive.go (#11603)
- Trying to add or complete unit test to each ``func``
- Removing dead code (``escapeName``)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-04-11 23:21:37 +02:00
7bde17186d Merge pull request #11099 from iavael/bugfix/tar-symlinks
Fixed handling hardlinks to symlinks in tar stream
2015-04-01 18:34:00 -04:00
Antonio Murdaca
18180bfabf Replace aliased imports of logrus, fixes #11762
Signed-off-by: Antonio Murdaca <me@runcom.ninja>
2015-03-26 23:22:04 +01:00
Ahmet Alp Balkan
276ed4fec4 pkg/archive: adjust chmod bits on windows
This change modifies the chmod bits of build context archives built on
windows to preserve the execute bit and remove the r/w bits from
grp/others.

Also adjusted integ-cli tests to verify permissions based on the platform
the tests are running.

Fixes #11047.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-03-04 14:10:37 -08:00
Iavael
b3060011bb Fixed handling hardlinks to symlinks in tar stream
Signed-off-by: Iavael <iavaelooeyt@gmail.com>
2015-03-03 16:10:53 +03:00
Ahmet Alp Balkan
140f461f50 Support windows style dockerfile paths for build cmd
Currently TestBuildRenamedDockerfile fails since passing
custom dockerfile paths like:

    docker build -f dir/file .

fails on windows because those are unix paths. Instead, on
windows accept windows style paths like:

    docker build -f dir\file .

and convert them to unix style paths using the helper we
have in `pkg/archive` so that daemon can correctly locate
the path in the context.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-02-24 20:23:53 -08:00