github.com/afbjorklund/moby@v20.10.5+incompatible/pkg/archive/archive_unix_test.go (about) 1 // +build !windows 2 3 package archive // import "github.com/docker/docker/pkg/archive" 4 5 import ( 6 "archive/tar" 7 "bytes" 8 "fmt" 9 "io/ioutil" 10 "os" 11 "os/exec" 12 "path/filepath" 13 "strings" 14 "syscall" 15 "testing" 16 17 "github.com/containerd/containerd/sys" 18 "github.com/docker/docker/pkg/system" 19 "golang.org/x/sys/unix" 20 "gotest.tools/v3/assert" 21 is "gotest.tools/v3/assert/cmp" 22 "gotest.tools/v3/skip" 23 ) 24 25 func TestCanonicalTarNameForPath(t *testing.T) { 26 cases := []struct{ in, expected string }{ 27 {"foo", "foo"}, 28 {"foo/bar", "foo/bar"}, 29 {"foo/dir/", "foo/dir/"}, 30 } 31 for _, v := range cases { 32 if CanonicalTarNameForPath(v.in) != v.expected { 33 t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, CanonicalTarNameForPath(v.in)) 34 } 35 } 36 } 37 38 func TestCanonicalTarName(t *testing.T) { 39 cases := []struct { 40 in string 41 isDir bool 42 expected string 43 }{ 44 {"foo", false, "foo"}, 45 {"foo", true, "foo/"}, 46 {"foo/bar", false, "foo/bar"}, 47 {"foo/bar", true, "foo/bar/"}, 48 } 49 for _, v := range cases { 50 if canonicalTarName(v.in, v.isDir) != v.expected { 51 t.Fatalf("wrong canonical tar name. expected:%s got:%s", v.expected, canonicalTarName(v.in, v.isDir)) 52 } 53 } 54 } 55 56 func TestChmodTarEntry(t *testing.T) { 57 cases := []struct { 58 in, expected os.FileMode 59 }{ 60 {0000, 0000}, 61 {0777, 0777}, 62 {0644, 0644}, 63 {0755, 0755}, 64 {0444, 0444}, 65 } 66 for _, v := range cases { 67 if out := chmodTarEntry(v.in); out != v.expected { 68 t.Fatalf("wrong chmod. expected:%v got:%v", v.expected, out) 69 } 70 } 71 } 72 73 func TestTarWithHardLink(t *testing.T) { 74 origin, err := ioutil.TempDir("", "docker-test-tar-hardlink") 75 assert.NilError(t, err) 76 defer os.RemoveAll(origin) 77 78 err = ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700) 79 assert.NilError(t, err) 80 81 err = os.Link(filepath.Join(origin, "1"), filepath.Join(origin, "2")) 82 assert.NilError(t, err) 83 84 var i1, i2 uint64 85 i1, err = getNlink(filepath.Join(origin, "1")) 86 assert.NilError(t, err) 87 88 // sanity check that we can hardlink 89 if i1 != 2 { 90 t.Skipf("skipping since hardlinks don't work here; expected 2 links, got %d", i1) 91 } 92 93 dest, err := ioutil.TempDir("", "docker-test-tar-hardlink-dest") 94 assert.NilError(t, err) 95 defer os.RemoveAll(dest) 96 97 // we'll do this in two steps to separate failure 98 fh, err := Tar(origin, Uncompressed) 99 assert.NilError(t, err) 100 101 // ensure we can read the whole thing with no error, before writing back out 102 buf, err := ioutil.ReadAll(fh) 103 assert.NilError(t, err) 104 105 bRdr := bytes.NewReader(buf) 106 err = Untar(bRdr, dest, &TarOptions{Compression: Uncompressed}) 107 assert.NilError(t, err) 108 109 i1, err = getInode(filepath.Join(dest, "1")) 110 assert.NilError(t, err) 111 112 i2, err = getInode(filepath.Join(dest, "2")) 113 assert.NilError(t, err) 114 115 assert.Check(t, is.Equal(i1, i2)) 116 } 117 118 func TestTarWithHardLinkAndRebase(t *testing.T) { 119 tmpDir, err := ioutil.TempDir("", "docker-test-tar-hardlink-rebase") 120 assert.NilError(t, err) 121 defer os.RemoveAll(tmpDir) 122 123 origin := filepath.Join(tmpDir, "origin") 124 err = os.Mkdir(origin, 0700) 125 assert.NilError(t, err) 126 127 err = ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700) 128 assert.NilError(t, err) 129 130 err = os.Link(filepath.Join(origin, "1"), filepath.Join(origin, "2")) 131 assert.NilError(t, err) 132 133 var i1, i2 uint64 134 i1, err = getNlink(filepath.Join(origin, "1")) 135 assert.NilError(t, err) 136 137 // sanity check that we can hardlink 138 if i1 != 2 { 139 t.Skipf("skipping since hardlinks don't work here; expected 2 links, got %d", i1) 140 } 141 142 dest := filepath.Join(tmpDir, "dest") 143 bRdr, err := TarResourceRebase(origin, "origin") 144 assert.NilError(t, err) 145 146 dstDir, srcBase := SplitPathDirEntry(origin) 147 _, dstBase := SplitPathDirEntry(dest) 148 content := RebaseArchiveEntries(bRdr, srcBase, dstBase) 149 err = Untar(content, dstDir, &TarOptions{Compression: Uncompressed, NoLchown: true, NoOverwriteDirNonDir: true}) 150 assert.NilError(t, err) 151 152 i1, err = getInode(filepath.Join(dest, "1")) 153 assert.NilError(t, err) 154 i2, err = getInode(filepath.Join(dest, "2")) 155 assert.NilError(t, err) 156 157 assert.Check(t, is.Equal(i1, i2)) 158 } 159 160 // TestUntarParentPathPermissions is a regression test to check that missing 161 // parent directories are created with the expected permissions 162 func TestUntarParentPathPermissions(t *testing.T) { 163 buf := &bytes.Buffer{} 164 w := tar.NewWriter(buf) 165 err := w.WriteHeader(&tar.Header{Name: "foo/bar"}) 166 assert.NilError(t, err) 167 tmpDir, err := ioutil.TempDir("", t.Name()) 168 assert.NilError(t, err) 169 defer os.RemoveAll(tmpDir) 170 err = Untar(buf, tmpDir, nil) 171 assert.NilError(t, err) 172 173 fi, err := os.Lstat(filepath.Join(tmpDir, "foo")) 174 assert.NilError(t, err) 175 assert.Equal(t, fi.Mode(), 0755|os.ModeDir) 176 } 177 178 func getNlink(path string) (uint64, error) { 179 stat, err := os.Stat(path) 180 if err != nil { 181 return 0, err 182 } 183 statT, ok := stat.Sys().(*syscall.Stat_t) 184 if !ok { 185 return 0, fmt.Errorf("expected type *syscall.Stat_t, got %t", stat.Sys()) 186 } 187 // We need this conversion on ARM64 188 // nolint: unconvert 189 return uint64(statT.Nlink), nil 190 } 191 192 func getInode(path string) (uint64, error) { 193 stat, err := os.Stat(path) 194 if err != nil { 195 return 0, err 196 } 197 statT, ok := stat.Sys().(*syscall.Stat_t) 198 if !ok { 199 return 0, fmt.Errorf("expected type *syscall.Stat_t, got %t", stat.Sys()) 200 } 201 return statT.Ino, nil 202 } 203 204 func TestTarWithBlockCharFifo(t *testing.T) { 205 skip.If(t, os.Getuid() != 0, "skipping test that requires root") 206 skip.If(t, sys.RunningInUserNS(), "skipping test that requires initial userns") 207 origin, err := ioutil.TempDir("", "docker-test-tar-hardlink") 208 assert.NilError(t, err) 209 210 defer os.RemoveAll(origin) 211 err = ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700) 212 assert.NilError(t, err) 213 214 err = system.Mknod(filepath.Join(origin, "2"), unix.S_IFBLK, int(system.Mkdev(int64(12), int64(5)))) 215 assert.NilError(t, err) 216 err = system.Mknod(filepath.Join(origin, "3"), unix.S_IFCHR, int(system.Mkdev(int64(12), int64(5)))) 217 assert.NilError(t, err) 218 err = system.Mknod(filepath.Join(origin, "4"), unix.S_IFIFO, int(system.Mkdev(int64(12), int64(5)))) 219 assert.NilError(t, err) 220 221 dest, err := ioutil.TempDir("", "docker-test-tar-hardlink-dest") 222 assert.NilError(t, err) 223 defer os.RemoveAll(dest) 224 225 // we'll do this in two steps to separate failure 226 fh, err := Tar(origin, Uncompressed) 227 assert.NilError(t, err) 228 229 // ensure we can read the whole thing with no error, before writing back out 230 buf, err := ioutil.ReadAll(fh) 231 assert.NilError(t, err) 232 233 bRdr := bytes.NewReader(buf) 234 err = Untar(bRdr, dest, &TarOptions{Compression: Uncompressed}) 235 assert.NilError(t, err) 236 237 changes, err := ChangesDirs(origin, dest) 238 assert.NilError(t, err) 239 240 if len(changes) > 0 { 241 t.Fatalf("Tar with special device (block, char, fifo) should keep them (recreate them when untar) : %v", changes) 242 } 243 } 244 245 // TestTarUntarWithXattr is Unix as Lsetxattr is not supported on Windows 246 func TestTarUntarWithXattr(t *testing.T) { 247 skip.If(t, os.Getuid() != 0, "skipping test that requires root") 248 if _, err := exec.LookPath("setcap"); err != nil { 249 t.Skip("setcap not installed") 250 } 251 if _, err := exec.LookPath("getcap"); err != nil { 252 t.Skip("getcap not installed") 253 } 254 255 origin, err := ioutil.TempDir("", "docker-test-untar-origin") 256 assert.NilError(t, err) 257 defer os.RemoveAll(origin) 258 err = ioutil.WriteFile(filepath.Join(origin, "1"), []byte("hello world"), 0700) 259 assert.NilError(t, err) 260 261 err = ioutil.WriteFile(filepath.Join(origin, "2"), []byte("welcome!"), 0700) 262 assert.NilError(t, err) 263 err = ioutil.WriteFile(filepath.Join(origin, "3"), []byte("will be ignored"), 0700) 264 assert.NilError(t, err) 265 // there is no known Go implementation of setcap/getcap with support for v3 file capability 266 out, err := exec.Command("setcap", "cap_block_suspend+ep", filepath.Join(origin, "2")).CombinedOutput() 267 assert.NilError(t, err, string(out)) 268 269 for _, c := range []Compression{ 270 Uncompressed, 271 Gzip, 272 } { 273 changes, err := tarUntar(t, origin, &TarOptions{ 274 Compression: c, 275 ExcludePatterns: []string{"3"}, 276 }) 277 278 if err != nil { 279 t.Fatalf("Error tar/untar for compression %s: %s", c.Extension(), err) 280 } 281 282 if len(changes) != 1 || changes[0].Path != "/3" { 283 t.Fatalf("Unexpected differences after tarUntar: %v", changes) 284 } 285 out, err := exec.Command("getcap", filepath.Join(origin, "2")).CombinedOutput() 286 assert.NilError(t, err, string(out)) 287 assert.Check(t, is.Contains(string(out), "= cap_block_suspend+ep"), "untar should have kept the 'security.capability' xattr") 288 } 289 } 290 291 func TestCopyInfoDestinationPathSymlink(t *testing.T) { 292 tmpDir, _ := getTestTempDirs(t) 293 defer removeAllPaths(tmpDir) 294 295 root := strings.TrimRight(tmpDir, "/") + "/" 296 297 type FileTestData struct { 298 resource FileData 299 file string 300 expected CopyInfo 301 } 302 303 testData := []FileTestData{ 304 // Create a directory: /tmp/archive-copy-test*/dir1 305 // Test will "copy" file1 to dir1 306 {resource: FileData{filetype: Dir, path: "dir1", permissions: 0740}, file: "file1", expected: CopyInfo{Path: root + "dir1/file1", Exists: false, IsDir: false}}, 307 308 // Create a symlink directory to dir1: /tmp/archive-copy-test*/dirSymlink -> dir1 309 // Test will "copy" file2 to dirSymlink 310 {resource: FileData{filetype: Symlink, path: "dirSymlink", contents: root + "dir1", permissions: 0600}, file: "file2", expected: CopyInfo{Path: root + "dirSymlink/file2", Exists: false, IsDir: false}}, 311 312 // Create a file in tmp directory: /tmp/archive-copy-test*/file1 313 // Test to cover when the full file path already exists. 314 {resource: FileData{filetype: Regular, path: "file1", permissions: 0600}, file: "", expected: CopyInfo{Path: root + "file1", Exists: true}}, 315 316 // Create a directory: /tmp/archive-copy*/dir2 317 // Test to cover when the full directory path already exists 318 {resource: FileData{filetype: Dir, path: "dir2", permissions: 0740}, file: "", expected: CopyInfo{Path: root + "dir2", Exists: true, IsDir: true}}, 319 320 // Create a symlink to a non-existent target: /tmp/archive-copy*/symlink1 -> noSuchTarget 321 // Negative test to cover symlinking to a target that does not exit 322 {resource: FileData{filetype: Symlink, path: "symlink1", contents: "noSuchTarget", permissions: 0600}, file: "", expected: CopyInfo{Path: root + "noSuchTarget", Exists: false}}, 323 324 // Create a file in tmp directory for next test: /tmp/existingfile 325 {resource: FileData{filetype: Regular, path: "existingfile", permissions: 0600}, file: "", expected: CopyInfo{Path: root + "existingfile", Exists: true}}, 326 327 // Create a symlink to an existing file: /tmp/archive-copy*/symlink2 -> /tmp/existingfile 328 // Test to cover when the parent directory of a new file is a symlink 329 {resource: FileData{filetype: Symlink, path: "symlink2", contents: "existingfile", permissions: 0600}, file: "", expected: CopyInfo{Path: root + "existingfile", Exists: true}}, 330 } 331 332 var dirs []FileData 333 for _, data := range testData { 334 dirs = append(dirs, data.resource) 335 } 336 provisionSampleDir(t, tmpDir, dirs) 337 338 for _, info := range testData { 339 p := filepath.Join(tmpDir, info.resource.path, info.file) 340 ci, err := CopyInfoDestinationPath(p) 341 assert.Check(t, err) 342 assert.Check(t, is.DeepEqual(info.expected, ci)) 343 } 344 }