diff --git a/contrib/test/integration/build/cri-tools.yml b/contrib/test/integration/build/cri-tools.yml index 06da379e0b6..49307970b53 100644 --- a/contrib/test/integration/build/cri-tools.yml +++ b/contrib/test/integration/build/cri-tools.yml @@ -2,9 +2,9 @@ - name: clone cri-tools source repo git: - repo: "https://github.com/kubernetes-sigs/cri-tools.git" + repo: "https://github.com/kolyshkin/cri-tools.git" dest: "{{ ansible_env.GOPATH }}/src/github.com/kubernetes-sigs/cri-tools" - version: "{{ cri_tools_git_version }}" + version: test-my-fixes force: "{{ force_clone | default(False) | bool}}" - name: build cri-tools diff --git a/go.mod b/go.mod index b02d212bd2b..cfb61a32289 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/containers/image/v5 v5.5.2 github.com/containers/libpod/v2 v2.0.6 github.com/containers/ocicrypt v1.0.3 - github.com/containers/storage v1.23.7 + github.com/containers/storage v1.23.9 github.com/coreos/go-systemd/v22 v22.1.0 github.com/cpuguy83/go-md2man v1.0.10 github.com/creack/pty v1.1.11 diff --git a/go.sum b/go.sum index 1c40882e390..eff638123bb 100644 --- a/go.sum +++ b/go.sum @@ -201,8 +201,8 @@ github.com/containers/storage v1.20.2/go.mod h1:oOB9Ie8OVPojvoaKWEGSEtHbXUAs+tSy github.com/containers/storage v1.20.3/go.mod h1:L21V7HElfNsMeMdif5JdxtCvzS8LKKhv4movqpFbiOk= github.com/containers/storage v1.23.3 h1:6ZeQi+xKBXrbUXSSZvSs8HuKoNCPfRkXR4f+8TkiMsI= github.com/containers/storage v1.23.3/go.mod h1:0azTMiuBhArp/VUmH1o4DJAGaaH+qLtEu17pJ/iKJCg= -github.com/containers/storage v1.23.7 h1:43ImvG/npvQSZXRjaudVvKISIuZSfI6qvtSNQQSGO/A= -github.com/containers/storage v1.23.7/go.mod h1:cUT2zHjtx+WlVri30obWmM2gpqpi8jfPsmIzP1TVpEI= +github.com/containers/storage v1.23.9 h1:qbgnTp76pLSyW3vYwY5GH4vk5cHYVXFJ+CsUEBp9TMw= +github.com/containers/storage v1.23.9/go.mod h1:3b2ktpB6pw53SEeIoFfO0sQfP9+IoJJKPq5iJk74gxE= github.com/coredns/corefile-migration v1.0.10/go.mod h1:RMy/mXdeDlYwzt0vdMEJvT2hGJ2I86/eO0UdXmH9XNI= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= @@ -557,8 +557,8 @@ github.com/klauspost/compress v1.10.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.10.8/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.10.11 h1:K9z59aO18Aywg2b/WSgBaUX99mHy2BES18Cr5lBKZHk= github.com/klauspost/compress v1.10.11/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.1 h1:bPb7nMRdOZYDrpPMTA3EInUQrdgoBinqUuSwlGdKDdE= -github.com/klauspost/compress v1.11.1/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/cpuid v0.0.0-20180405133222-e7e905edc00e/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/pgzip v1.2.3 h1:Ce2to9wvs/cuJ2b86/CKQoTYr9VHfpanYosZ0UBJqdw= diff --git a/scripts/circle-setup b/scripts/circle-setup index 945519e1f39..5d1d34dc306 100755 --- a/scripts/circle-setup +++ b/scripts/circle-setup @@ -13,7 +13,8 @@ main() { install_golang install_bats install_conmon - install_cri_tools + install_crictl + install_critest install_runc install_ginkgo install_cni_plugins @@ -95,11 +96,11 @@ install_conmon() { sudo rm -rf conmon } -install_cri_tools() { +install_crictl() { ARCHIVE=${VERSIONS["cri-tools"]}-linux-amd64.tar.gz URL=https://github.com/kubernetes-sigs/cri-tools/releases/download - BINARIES=(crictl critest) + BINARIES=(crictl) for BINARY in "${BINARIES[@]}"; do TARBALL=$BINARY-$ARCHIVE echo "Downloading $TARBALL" @@ -111,6 +112,20 @@ install_cri_tools() { done } +install_critest() { + URL=https://github.com/kolyshkin/cri-tools + + git clone $URL + pushd cri-tools + git checkout test-my-fixes + make critest + sudo make BINDIR=/usr/bin install-critest + popd + rm -rf cri-tools + sudo which critest + sudo critest --version +} + install_cni_plugins() { URL=https://github.com/containernetworking/plugins/releases/download TARBALL=cni-plugins-linux-amd64-${VERSIONS["cni-plugins"]}.tgz diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION index 2d27ccba161..63f23d2af55 100644 --- a/vendor/github.com/containers/storage/VERSION +++ b/vendor/github.com/containers/storage/VERSION @@ -1 +1 @@ -1.23.7 +1.23.9 diff --git a/vendor/github.com/containers/storage/drivers/chown_unix.go b/vendor/github.com/containers/storage/drivers/chown_unix.go index 1cadb089f5e..7c2a73f6b8d 100644 --- a/vendor/github.com/containers/storage/drivers/chown_unix.go +++ b/vendor/github.com/containers/storage/drivers/chown_unix.go @@ -50,22 +50,22 @@ func platformLChown(path string, info os.FileInfo, toHost, toContainer *idtools. if uid != int(st.Uid) || gid != int(st.Gid) { cap, err := system.Lgetxattr(path, "security.capability") if err != nil && err != system.ErrNotSupportedPlatform { - return fmt.Errorf("%s: Lgetxattr(%q): %v", os.Args[0], path, err) + return fmt.Errorf("%s: %v", os.Args[0], err) } // Make the change. - if err := os.Lchown(path, uid, gid); err != nil { - return fmt.Errorf("%s: chown(%q): %v", os.Args[0], path, err) + if err := system.Lchown(path, uid, gid); err != nil { + return fmt.Errorf("%s: %v", os.Args[0], err) } // Restore the SUID and SGID bits if they were originally set. if (info.Mode()&os.ModeSymlink == 0) && info.Mode()&(os.ModeSetuid|os.ModeSetgid) != 0 { - if err := os.Chmod(path, info.Mode()); err != nil { - return fmt.Errorf("%s: chmod(%q): %v", os.Args[0], path, err) + if err := system.Chmod(path, info.Mode()); err != nil { + return fmt.Errorf("%s: %v", os.Args[0], err) } } if cap != nil { if err := system.Lsetxattr(path, "security.capability", cap, 0); err != nil { - return fmt.Errorf("%s: Lsetxattr(%q): %v", os.Args[0], path, err) + return fmt.Errorf("%s: %v", os.Args[0], err) } } diff --git a/vendor/github.com/containers/storage/drivers/copy/copy_linux.go b/vendor/github.com/containers/storage/drivers/copy/copy_linux.go index 1e380a5acae..5147b01d6ba 100644 --- a/vendor/github.com/containers/storage/drivers/copy/copy_linux.go +++ b/vendor/github.com/containers/storage/drivers/copy/copy_linux.go @@ -12,6 +12,7 @@ package copy import "C" import ( "container/list" + "errors" "fmt" "io" "os" @@ -98,7 +99,7 @@ func legacyCopy(srcFile io.Reader, dstFile io.Writer) error { func copyXattr(srcPath, dstPath, attr string) error { data, err := system.Lgetxattr(srcPath, attr) - if err != nil && err != unix.EOPNOTSUPP { + if err != nil && !errors.Is(err, unix.EOPNOTSUPP) { return err } if data != nil { @@ -269,7 +270,7 @@ func doCopyXattrs(srcPath, dstPath string) error { } xattrs, err := system.Llistxattr(srcPath) - if err != nil && err != unix.EOPNOTSUPP { + if err != nil && !errors.Is(err, unix.EOPNOTSUPP) { return err } diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go index 398fe6531ce..a7cfeadc734 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go +++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go @@ -42,6 +42,8 @@ var ( untar = chrootarchive.UntarUncompressed ) +const defaultPerms = os.FileMode(0555) + // This backend uses the overlay union filesystem for containers // with diff directories for each layer. @@ -571,15 +573,17 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr if err := idtools.MkdirAllAs(path.Dir(dir), 0700, rootUID, rootGID); err != nil { return err } + perms := defaultPerms if parent != "" { st, err := system.Stat(d.dir(parent)) if err != nil { return err } + perms = os.FileMode(st.Mode()) rootUID = int(st.UID()) rootGID = int(st.GID()) } - if err := idtools.MkdirAs(dir, 0700, rootUID, rootGID); err != nil { + if err := idtools.MkdirAs(dir, perms, rootUID, rootGID); err != nil { return err } @@ -604,7 +608,7 @@ func (d *Driver) create(id, parent string, opts *graphdriver.CreateOpts) (retErr } } - if err := idtools.MkdirAs(path.Join(dir, "diff"), 0755, rootUID, rootGID); err != nil { + if err := idtools.MkdirAs(path.Join(dir, "diff"), perms, rootUID, rootGID); err != nil { return err } @@ -847,7 +851,11 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO return "", err } diffN := 1 - _, err = os.Stat(filepath.Join(dir, nameWithSuffix("diff", diffN))) + perms := defaultPerms + st, err := os.Stat(filepath.Join(dir, nameWithSuffix("diff", diffN))) + if err == nil { + perms = os.FileMode(st.Mode()) + } for err == nil { absLowers = append(absLowers, filepath.Join(dir, nameWithSuffix("diff", diffN))) relLowers = append(relLowers, dumbJoin(string(link), "..", nameWithSuffix("diff", diffN))) @@ -908,7 +916,7 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO return "", err } diffDir := path.Join(dir, "diff") - if err := idtools.MkdirAllAs(diffDir, 0755, rootUID, rootGID); err != nil { + if err := idtools.MkdirAllAs(diffDir, perms, rootUID, rootGID); err != nil { return "", err } @@ -1241,11 +1249,16 @@ func (d *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMapp // Rotate the diff directories. i := 0 - _, err = os.Stat(nameWithSuffix(diffDir, i)) + perms := defaultPerms + st, err := os.Stat(nameWithSuffix(diffDir, i)) + if err == nil { + perms = os.FileMode(st.Mode()) + } for err == nil { i++ _, err = os.Stat(nameWithSuffix(diffDir, i)) } + for i > 0 { err = os.Rename(nameWithSuffix(diffDir, i-1), nameWithSuffix(diffDir, i)) if err != nil { @@ -1258,13 +1271,13 @@ func (d *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMapp // to the old upper layer in the index. workDir := filepath.Join(dir, "work") if err := os.RemoveAll(workDir); err == nil { - if err := idtools.MkdirAs(workDir, 0755, rootUID, rootGID); err != nil { + if err := idtools.MkdirAs(workDir, defaultPerms, rootUID, rootGID); err != nil { return err } } // Re-create the directory that we're going to use as the upper layer. - if err := idtools.MkdirAs(diffDir, 0755, rootUID, rootGID); err != nil { + if err := idtools.MkdirAs(diffDir, perms, rootUID, rootGID); err != nil { return err } return nil diff --git a/vendor/github.com/containers/storage/go.mod b/vendor/github.com/containers/storage/go.mod index f38266a16d8..9d5a2b42575 100644 --- a/vendor/github.com/containers/storage/go.mod +++ b/vendor/github.com/containers/storage/go.mod @@ -8,7 +8,7 @@ require ( github.com/Microsoft/hcsshim v0.8.9 github.com/docker/go-units v0.4.0 github.com/hashicorp/go-multierror v1.1.0 - github.com/klauspost/compress v1.11.1 + github.com/klauspost/compress v1.11.2 github.com/klauspost/pgzip v1.2.5 github.com/mattn/go-shellwords v1.0.10 github.com/mistifyio/go-zfs v2.1.1+incompatible diff --git a/vendor/github.com/containers/storage/go.sum b/vendor/github.com/containers/storage/go.sum index 2aad798d81e..681f77cbcf6 100644 --- a/vendor/github.com/containers/storage/go.sum +++ b/vendor/github.com/containers/storage/go.sum @@ -62,8 +62,8 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.11.1 h1:bPb7nMRdOZYDrpPMTA3EInUQrdgoBinqUuSwlGdKDdE= -github.com/klauspost/compress v1.11.1/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go index a70806f40dc..72f00b8d650 100644 --- a/vendor/github.com/containers/storage/layers.go +++ b/vendor/github.com/containers/storage/layers.go @@ -1329,6 +1329,7 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error if err != nil { return -1, err } + defer uncompressed.Close() uncompressedDigest := digest.Canonical.Digester() uncompressedCounter := ioutils.NewWriteCounter(uncompressedDigest.Hash()) uidLog := make(map[uint32]struct{}) diff --git a/vendor/github.com/containers/storage/pkg/archive/archive.go b/vendor/github.com/containers/storage/pkg/archive/archive.go index 4472511a239..345da290330 100644 --- a/vendor/github.com/containers/storage/pkg/archive/archive.go +++ b/vendor/github.com/containers/storage/pkg/archive/archive.go @@ -139,6 +139,7 @@ func IsArchivePath(path string) bool { if err != nil { return false } + defer rdr.Close() r := tar.NewReader(rdr) _, err = r.Next() return err == nil @@ -398,7 +399,7 @@ func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error { } for _, xattr := range []string{"security.capability", "security.ima"} { capability, err := system.Lgetxattr(path, xattr) - if err != nil && err != system.EOPNOTSUPP && err != system.ErrNotSupportedPlatform { + if err != nil && !errors.Is(err, system.EOPNOTSUPP) && err != system.ErrNotSupportedPlatform { return errors.Wrapf(err, "failed to read %q attribute from %q", xattr, path) } if capability != nil { @@ -411,17 +412,17 @@ func ReadSecurityXattrToTarHeader(path string, hdr *tar.Header) error { // ReadUserXattrToTarHeader reads user.* xattr from filesystem to a tar header func ReadUserXattrToTarHeader(path string, hdr *tar.Header) error { xattrs, err := system.Llistxattr(path) - if err != nil && err != system.EOPNOTSUPP && err != system.ErrNotSupportedPlatform { + if err != nil && !errors.Is(err, system.EOPNOTSUPP) && err != system.ErrNotSupportedPlatform { return err } for _, key := range xattrs { if strings.HasPrefix(key, "user.") { value, err := system.Lgetxattr(path, key) - if err == system.E2BIG { - logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", path, key) - continue - } if err != nil { + if errors.Is(err, system.E2BIG) { + logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", path, key) + continue + } return err } if hdr.Xattrs == nil { @@ -724,16 +725,16 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, L } } - var errors []string + var errs []string for key, value := range hdr.Xattrs { if err := system.Lsetxattr(path, key, []byte(value), 0); err != nil { - if err == syscall.ENOTSUP || (err == syscall.EPERM && inUserns) { + if errors.Is(err, syscall.ENOTSUP) || (inUserns && errors.Is(err, syscall.EPERM)) { // We ignore errors here because not all graphdrivers support // xattrs *cough* old versions of AUFS *cough*. However only // ENOTSUP should be emitted in that case, otherwise we still // bail. We also ignore EPERM errors if we are running in a // user namespace. - errors = append(errors, err.Error()) + errs = append(errs, err.Error()) continue } return err @@ -741,9 +742,9 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, L } - if len(errors) > 0 { + if len(errs) > 0 { logrus.WithFields(logrus.Fields{ - "errors": errors, + "errors": errs, }).Warn("ignored xattrs in archive: underlying filesystem doesn't support them") } diff --git a/vendor/github.com/containers/storage/pkg/archive/changes_linux.go b/vendor/github.com/containers/storage/pkg/archive/changes_linux.go index ecfa45d73b3..da86e0c0569 100644 --- a/vendor/github.com/containers/storage/pkg/archive/changes_linux.go +++ b/vendor/github.com/containers/storage/pkg/archive/changes_linux.go @@ -2,6 +2,7 @@ package archive import ( "bytes" + "errors" "fmt" "os" "path/filepath" @@ -86,21 +87,21 @@ func walkchunk(path string, fi os.FileInfo, dir string, root *FileInfo) error { } info.stat = stat info.capability, err = system.Lgetxattr(cpath, "security.capability") // lgetxattr(2): fs access - if err != nil && err != system.EOPNOTSUPP { + if err != nil && !errors.Is(err, system.EOPNOTSUPP) { return err } xattrs, err := system.Llistxattr(cpath) - if err != nil && err != system.EOPNOTSUPP { + if err != nil && !errors.Is(err, system.EOPNOTSUPP) { return err } for _, key := range xattrs { if strings.HasPrefix(key, "user.") { value, err := system.Lgetxattr(cpath, key) - if err == system.E2BIG { - logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", cpath, key) - continue - } if err != nil { + if errors.Is(err, system.E2BIG) { + logrus.Errorf("archive: Skipping xattr for file %s since value is too big: %s", cpath, key) + continue + } return err } if info.xattrs == nil { diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_linux.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_linux.go deleted file mode 100644 index d28ba9d6976..00000000000 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_linux.go +++ /dev/null @@ -1,96 +0,0 @@ -package homedir - -// Copyright 2013-2018 Docker, Inc. -// NOTE: this package has originally been copied from github.com/docker/docker. - -import ( - "errors" - "os" - "path/filepath" - "strings" -) - -// GetRuntimeDir returns XDG_RUNTIME_DIR. -// XDG_RUNTIME_DIR is typically configured via pam_systemd. -// GetRuntimeDir returns non-nil error if XDG_RUNTIME_DIR is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func GetRuntimeDir() (string, error) { - if xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR"); xdgRuntimeDir != "" { - return xdgRuntimeDir, nil - } - return "", errors.New("could not get XDG_RUNTIME_DIR") -} - -// StickRuntimeDirContents sets the sticky bit on files that are under -// XDG_RUNTIME_DIR, so that the files won't be periodically removed by the system. -// -// StickyRuntimeDir returns slice of sticked files. -// StickyRuntimeDir returns nil error if XDG_RUNTIME_DIR is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func StickRuntimeDirContents(files []string) ([]string, error) { - runtimeDir, err := GetRuntimeDir() - if err != nil { - // ignore error if runtimeDir is empty - return nil, nil - } - runtimeDir, err = filepath.Abs(runtimeDir) - if err != nil { - return nil, err - } - var sticked []string - for _, f := range files { - f, err = filepath.Abs(f) - if err != nil { - return sticked, err - } - if strings.HasPrefix(f, runtimeDir+"/") { - if err = stick(f); err != nil { - return sticked, err - } - sticked = append(sticked, f) - } - } - return sticked, nil -} - -func stick(f string) error { - st, err := os.Stat(f) - if err != nil { - return err - } - m := st.Mode() - m |= os.ModeSticky - return os.Chmod(f, m) -} - -// GetDataHome returns XDG_DATA_HOME. -// GetDataHome returns $HOME/.local/share and nil error if XDG_DATA_HOME is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func GetDataHome() (string, error) { - if xdgDataHome := os.Getenv("XDG_DATA_HOME"); xdgDataHome != "" { - return xdgDataHome, nil - } - home := os.Getenv("HOME") - if home == "" { - return "", errors.New("could not get either XDG_DATA_HOME or HOME") - } - return filepath.Join(home, ".local", "share"), nil -} - -// GetConfigHome returns XDG_CONFIG_HOME. -// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set. -// -// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html -func GetConfigHome() (string, error) { - if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" { - return xdgConfigHome, nil - } - home := os.Getenv("HOME") - if home == "" { - return "", errors.New("could not get either XDG_CONFIG_HOME or HOME") - } - return filepath.Join(home, ".config"), nil -} diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go index f7bcfb878c7..4f778c8584e 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_others.go @@ -1,4 +1,4 @@ -// +build !linux +// +build !linux,!darwin package homedir diff --git a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go index dcadb7e8d71..0274d037f83 100644 --- a/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go +++ b/vendor/github.com/containers/storage/pkg/homedir/homedir_unix.go @@ -6,8 +6,12 @@ package homedir // NOTE: this package has originally been copied from github.com/docker/docker. import ( + "errors" "os" - "os/user" + "path/filepath" + "strings" + + "github.com/containers/storage/pkg/unshare" ) // Key returns the env var name for the user's home dir based on @@ -25,13 +29,8 @@ func Key() string { // // If needing to do nss lookups, do not disable cgo or set osusergo. func Get() string { - home := os.Getenv(Key()) - if home == "" { - if u, err := user.Current(); err == nil { - return u.HomeDir - } - } - return home + homedir, _ := unshare.HomeDir() + return homedir } // GetShortcutString returns the string that is shortcut to user's home directory @@ -39,3 +38,88 @@ func Get() string { func GetShortcutString() string { return "~" } + +// GetRuntimeDir returns XDG_RUNTIME_DIR. +// XDG_RUNTIME_DIR is typically configured via pam_systemd. +// GetRuntimeDir returns non-nil error if XDG_RUNTIME_DIR is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetRuntimeDir() (string, error) { + if xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR"); xdgRuntimeDir != "" { + return xdgRuntimeDir, nil + } + return "", errors.New("could not get XDG_RUNTIME_DIR") +} + +// StickRuntimeDirContents sets the sticky bit on files that are under +// XDG_RUNTIME_DIR, so that the files won't be periodically removed by the system. +// +// StickyRuntimeDir returns slice of sticked files. +// StickyRuntimeDir returns nil error if XDG_RUNTIME_DIR is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func StickRuntimeDirContents(files []string) ([]string, error) { + runtimeDir, err := GetRuntimeDir() + if err != nil { + // ignore error if runtimeDir is empty + return nil, nil + } + runtimeDir, err = filepath.Abs(runtimeDir) + if err != nil { + return nil, err + } + var sticked []string + for _, f := range files { + f, err = filepath.Abs(f) + if err != nil { + return sticked, err + } + if strings.HasPrefix(f, runtimeDir+"/") { + if err = stick(f); err != nil { + return sticked, err + } + sticked = append(sticked, f) + } + } + return sticked, nil +} + +func stick(f string) error { + st, err := os.Stat(f) + if err != nil { + return err + } + m := st.Mode() + m |= os.ModeSticky + return os.Chmod(f, m) +} + +// GetDataHome returns XDG_DATA_HOME. +// GetDataHome returns $HOME/.local/share and nil error if XDG_DATA_HOME is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetDataHome() (string, error) { + if xdgDataHome := os.Getenv("XDG_DATA_HOME"); xdgDataHome != "" { + return xdgDataHome, nil + } + home := Get() + if home == "" { + return "", errors.New("could not get either XDG_DATA_HOME or HOME") + } + return filepath.Join(home, ".local", "share"), nil +} + +// GetConfigHome returns XDG_CONFIG_HOME. +// GetConfigHome returns $HOME/.config and nil error if XDG_CONFIG_HOME is not set. +// +// See also https://standards.freedesktop.org/basedir-spec/latest/ar01s03.html +func GetConfigHome() (string, error) { + if xdgConfigHome := os.Getenv("XDG_CONFIG_HOME"); xdgConfigHome != "" { + return xdgConfigHome, nil + } + home := Get() + if home == "" { + return "", errors.New("could not get either XDG_CONFIG_HOME or HOME") + } + return filepath.Join(home, ".config"), nil +} diff --git a/vendor/github.com/containers/storage/pkg/system/chmod.go b/vendor/github.com/containers/storage/pkg/system/chmod.go new file mode 100644 index 00000000000..a01d8abfbd5 --- /dev/null +++ b/vendor/github.com/containers/storage/pkg/system/chmod.go @@ -0,0 +1,17 @@ +package system + +import ( + "errors" + "os" + "syscall" +) + +func Chmod(name string, mode os.FileMode) error { + err := os.Chmod(name, mode) + + for err != nil && errors.Is(err, syscall.EINTR) { + err = os.Chmod(name, mode) + } + + return err +} diff --git a/vendor/github.com/containers/storage/pkg/system/lchown.go b/vendor/github.com/containers/storage/pkg/system/lchown.go new file mode 100644 index 00000000000..eb2d8b464c4 --- /dev/null +++ b/vendor/github.com/containers/storage/pkg/system/lchown.go @@ -0,0 +1,20 @@ +package system + +import ( + "os" + "syscall" +) + +func Lchown(name string, uid, gid int) error { + err := syscall.Lchown(name, uid, gid) + + for err == syscall.EINTR { + err = syscall.Lchown(name, uid, gid) + } + + if err != nil { + return &os.PathError{Op: "lchown", Path: name, Err: err} + } + + return nil +} diff --git a/vendor/github.com/containers/storage/pkg/system/xattrs_linux.go b/vendor/github.com/containers/storage/pkg/system/xattrs_linux.go index e94bb5d5cb5..10355848bdb 100644 --- a/vendor/github.com/containers/storage/pkg/system/xattrs_linux.go +++ b/vendor/github.com/containers/storage/pkg/system/xattrs_linux.go @@ -2,6 +2,7 @@ package system import ( "bytes" + "os" "golang.org/x/sys/unix" ) @@ -26,7 +27,7 @@ func Lgetxattr(path string, attr string) ([]byte, error) { // Buffer too small, use zero-sized buffer to get the actual size sz, errno = unix.Lgetxattr(path, attr, []byte{}) if errno != nil { - return nil, errno + return nil, &os.PathError{Op: "lgetxattr", Path: path, Err: errno} } dest = make([]byte, sz) sz, errno = unix.Lgetxattr(path, attr, dest) @@ -36,7 +37,7 @@ func Lgetxattr(path string, attr string) ([]byte, error) { case errno == unix.ENODATA: return nil, nil case errno != nil: - return nil, errno + return nil, &os.PathError{Op: "lgetxattr", Path: path, Err: errno} } return dest[:sz], nil @@ -45,7 +46,11 @@ func Lgetxattr(path string, attr string) ([]byte, error) { // Lsetxattr sets the value of the extended attribute identified by attr // and associated with the given path in the file system. func Lsetxattr(path string, attr string, data []byte, flags int) error { - return unix.Lsetxattr(path, attr, data, flags) + if err := unix.Lsetxattr(path, attr, data, flags); err != nil { + return &os.PathError{Op: "lsetxattr", Path: path, Err: err} + } + + return nil } // Llistxattr lists extended attributes associated with the given path @@ -58,14 +63,14 @@ func Llistxattr(path string) ([]string, error) { // Buffer too small, use zero-sized buffer to get the actual size sz, errno = unix.Llistxattr(path, []byte{}) if errno != nil { - return nil, errno + return nil, &os.PathError{Op: "llistxattr", Path: path, Err: errno} } dest = make([]byte, sz) sz, errno = unix.Llistxattr(path, dest) } if errno != nil { - return nil, errno + return nil, &os.PathError{Op: "llistxattr", Path: path, Err: errno} } var attrs []string diff --git a/vendor/github.com/containers/storage/userns.go b/vendor/github.com/containers/storage/userns.go index 5ba8cc41861..49ec544a333 100644 --- a/vendor/github.com/containers/storage/userns.go +++ b/vendor/github.com/containers/storage/userns.go @@ -221,94 +221,71 @@ outer: return size, nil } +func minInt(a, b int) int { + if a < b { + return a + } + return b +} + +func maxInt(a, b int) int { + if a < b { + return b + } + return a +} + // subtractHostIDs return the subtraction of the range USED from AVAIL. The range is specified // by [HostID, HostID+Size). // ContainerID is ignored. func subtractHostIDs(avail idtools.IDMap, used idtools.IDMap) []idtools.IDMap { - switch { - case used.HostID <= avail.HostID && used.HostID+used.Size >= avail.HostID+avail.Size: - return nil - case used.HostID <= avail.HostID && used.HostID+used.Size > avail.HostID && used.HostID+used.Size < avail.HostID+avail.Size: - newContainerID := avail.ContainerID + used.Size - newHostID := used.HostID + used.Size - r := idtools.IDMap{ - ContainerID: newContainerID, - HostID: newHostID, - Size: avail.Size + avail.HostID - newHostID, - } - return []idtools.IDMap{r} - case used.HostID > avail.HostID && used.HostID < avail.HostID+avail.Size && used.HostID+used.Size >= avail.HostID+avail.Size: - r := idtools.IDMap{ + var out []idtools.IDMap + availEnd := avail.HostID + avail.Size + usedEnd := used.HostID + used.Size + // Intersection of [avail.HostID, availEnd) and (-inf, used.HostID) is [avail.HostID, newEnd). + if newEnd := minInt(availEnd, used.HostID); newEnd > avail.HostID { + out = append(out, idtools.IDMap{ ContainerID: avail.ContainerID, HostID: avail.HostID, - Size: used.HostID - avail.HostID, - } - return []idtools.IDMap{r} - case used.HostID > avail.HostID && used.HostID < avail.HostID+avail.Size && used.HostID+used.Size < avail.HostID+avail.Size: - r1 := idtools.IDMap{ - ContainerID: avail.ContainerID, - HostID: avail.HostID, - Size: used.HostID - avail.HostID, - } - r2 := idtools.IDMap{ - ContainerID: used.ContainerID + used.Size, - HostID: avail.HostID + (used.HostID - avail.HostID), - Size: avail.HostID + avail.Size - used.HostID - used.Size, - } - return []idtools.IDMap{r1, r2} - default: - r := idtools.IDMap{ - ContainerID: 0, - HostID: avail.HostID, - Size: avail.Size, - } - return []idtools.IDMap{r} - } + Size: newEnd - avail.HostID, + }) + } + // Intersection of [avail.HostID, availEnd) and [usedEnd, +inf) is [newStart, availEnd). + if newStart := maxInt(avail.HostID, usedEnd); newStart < availEnd { + out = append(out, idtools.IDMap{ + ContainerID: newStart + avail.ContainerID - avail.HostID, + HostID: newStart, + Size: availEnd - newStart, + }) + } + return out } // subtractContainerIDs return the subtraction of the range USED from AVAIL. The range is specified // by [ContainerID, ContainerID+Size). // HostID is ignored. func subtractContainerIDs(avail idtools.IDMap, used idtools.IDMap) []idtools.IDMap { - switch { - case used.ContainerID <= avail.ContainerID && used.ContainerID+used.Size >= avail.ContainerID+avail.Size: - return nil - case used.ContainerID <= avail.ContainerID && used.ContainerID+used.Size > avail.ContainerID && used.ContainerID+used.Size < avail.ContainerID+avail.Size: - newContainerID := used.ContainerID + used.Size - newHostID := avail.HostID + used.Size - r := idtools.IDMap{ - ContainerID: newContainerID, - HostID: newHostID, - Size: avail.Size + avail.ContainerID - newContainerID, - } - return []idtools.IDMap{r} - case used.ContainerID > avail.ContainerID && used.ContainerID < avail.ContainerID+avail.Size && used.ContainerID+used.Size >= avail.ContainerID+avail.Size: - r := idtools.IDMap{ - ContainerID: avail.ContainerID, - HostID: avail.HostID, - Size: used.ContainerID - avail.ContainerID, - } - return []idtools.IDMap{r} - case used.ContainerID > avail.ContainerID && used.ContainerID < avail.ContainerID+avail.Size && used.ContainerID+used.Size < avail.ContainerID+avail.Size: - r1 := idtools.IDMap{ + var out []idtools.IDMap + availEnd := avail.ContainerID + avail.Size + usedEnd := used.ContainerID + used.Size + // Intersection of [avail.ContainerID, availEnd) and (-inf, used.ContainerID) is + // [avail.ContainerID, newEnd). + if newEnd := minInt(availEnd, used.ContainerID); newEnd > avail.ContainerID { + out = append(out, idtools.IDMap{ ContainerID: avail.ContainerID, HostID: avail.HostID, - Size: used.ContainerID - avail.ContainerID, - } - r2 := idtools.IDMap{ - ContainerID: used.ContainerID + used.Size, - HostID: avail.HostID + (used.ContainerID - avail.ContainerID), - Size: avail.ContainerID + avail.Size - used.ContainerID - used.Size, - } - return []idtools.IDMap{r1, r2} - default: - r := idtools.IDMap{ - ContainerID: avail.ContainerID, - HostID: avail.HostID, - Size: avail.Size, - } - return []idtools.IDMap{r} - } + Size: newEnd - avail.ContainerID, + }) + } + // Intersection of [avail.ContainerID, availEnd) and [usedEnd, +inf) is [newStart, availEnd). + if newStart := maxInt(avail.ContainerID, usedEnd); newStart < availEnd { + out = append(out, idtools.IDMap{ + ContainerID: newStart, + HostID: newStart + avail.HostID - avail.ContainerID, + Size: availEnd - newStart, + }) + } + return out } // subtractAll subtracts all usedIDs from the available IDs. diff --git a/vendor/github.com/containers/storage/utils.go b/vendor/github.com/containers/storage/utils.go index 762c3a00d2e..bd6c4feb1b0 100644 --- a/vendor/github.com/containers/storage/utils.go +++ b/vendor/github.com/containers/storage/utils.go @@ -273,7 +273,11 @@ func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf str storageOpts.RunRoot = defaultRootlessRunRoot } if storageOpts.GraphRoot == "" { - storageOpts.GraphRoot = defaultRootlessGraphRoot + if storageOpts.RootlessStoragePath != "" { + storageOpts.GraphRoot = storageOpts.RootlessStoragePath + } else { + storageOpts.GraphRoot = defaultRootlessGraphRoot + } } } } diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md index ea3e5108270..07f7285f087 100644 --- a/vendor/github.com/klauspost/compress/zstd/README.md +++ b/vendor/github.com/klauspost/compress/zstd/README.md @@ -251,14 +251,14 @@ For streaming use a simple setup could look like this: import "github.com/klauspost/compress/zstd" func Decompress(in io.Reader, out io.Writer) error { - d, err := zstd.NewReader(input) + d, err := zstd.NewReader(in) if err != nil { return err } defer d.Close() // Copy content... - _, err := io.Copy(out, d) + _, err = io.Copy(out, d) return err } ``` diff --git a/vendor/modules.txt b/vendor/modules.txt index 9e1318ee19c..7cbd209e753 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -255,7 +255,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.23.7 +# github.com/containers/storage v1.23.9 ## explicit github.com/containers/storage github.com/containers/storage/drivers @@ -557,7 +557,7 @@ github.com/jstemmer/go-junit-report/formatter github.com/jstemmer/go-junit-report/parser # github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd github.com/kevinburke/ssh_config -# github.com/klauspost/compress v1.11.1 +# github.com/klauspost/compress v1.11.2 github.com/klauspost/compress/flate github.com/klauspost/compress/fse github.com/klauspost/compress/huff0