github.com/jwhonce/docker@v0.6.7-0.20190327063223-da823cf3a5a3/integration-cli/docker_cli_cp_to_container_unix_test.go (about) 1 // +build !windows 2 3 package main 4 5 import ( 6 "fmt" 7 "os" 8 "path/filepath" 9 "strconv" 10 "strings" 11 12 "github.com/docker/docker/integration-cli/checker" 13 "github.com/docker/docker/pkg/system" 14 "github.com/go-check/check" 15 ) 16 17 func (s *DockerSuite) TestCpToContainerWithPermissions(c *check.C) { 18 testRequires(c, testEnv.IsLocalDaemon, DaemonIsLinux) 19 20 tmpDir := getTestDir(c, "test-cp-to-host-with-permissions") 21 defer os.RemoveAll(tmpDir) 22 23 makeTestContentInDir(c, tmpDir) 24 25 containerName := "permtest" 26 27 _, exc := dockerCmd(c, "create", "--name", containerName, "debian:jessie", "/bin/bash", "-c", "stat -c '%u %g %a' /permdirtest /permdirtest/permtest") 28 c.Assert(exc, checker.Equals, 0) 29 defer dockerCmd(c, "rm", "-f", containerName) 30 31 srcPath := cpPath(tmpDir, "permdirtest") 32 dstPath := containerCpPath(containerName, "/") 33 c.Assert(runDockerCp(c, srcPath, dstPath, []string{"-a"}), checker.IsNil) 34 35 out, err := startContainerGetOutput(c, containerName) 36 c.Assert(err, checker.IsNil, check.Commentf("output: %v", out)) 37 c.Assert(strings.TrimSpace(out), checker.Equals, "2 2 700\n65534 65534 400", check.Commentf("output: %v", out)) 38 } 39 40 // Check ownership is root, both in non-userns and userns enabled modes 41 func (s *DockerSuite) TestCpCheckDestOwnership(c *check.C) { 42 testRequires(c, DaemonIsLinux, testEnv.IsLocalDaemon) 43 tmpVolDir := getTestDir(c, "test-cp-tmpvol") 44 containerID := makeTestContainer(c, 45 testContainerOptions{volumes: []string{fmt.Sprintf("%s:/tmpvol", tmpVolDir)}}) 46 47 tmpDir := getTestDir(c, "test-cp-to-check-ownership") 48 defer os.RemoveAll(tmpDir) 49 50 makeTestContentInDir(c, tmpDir) 51 52 srcPath := cpPath(tmpDir, "file1") 53 dstPath := containerCpPath(containerID, "/tmpvol", "file1") 54 55 err := runDockerCp(c, srcPath, dstPath, nil) 56 c.Assert(err, checker.IsNil) 57 58 stat, err := system.Stat(filepath.Join(tmpVolDir, "file1")) 59 c.Assert(err, checker.IsNil) 60 uid, gid, err := getRootUIDGID() 61 c.Assert(err, checker.IsNil) 62 c.Assert(stat.UID(), checker.Equals, uint32(uid), check.Commentf("Copied file not owned by container root UID")) 63 c.Assert(stat.GID(), checker.Equals, uint32(gid), check.Commentf("Copied file not owned by container root GID")) 64 } 65 66 func getRootUIDGID() (int, int, error) { 67 uidgid := strings.Split(filepath.Base(testEnv.DaemonInfo.DockerRootDir), ".") 68 if len(uidgid) == 1 { 69 //user namespace remapping is not turned on; return 0 70 return 0, 0, nil 71 } 72 uid, err := strconv.Atoi(uidgid[0]) 73 if err != nil { 74 return 0, 0, err 75 } 76 gid, err := strconv.Atoi(uidgid[1]) 77 if err != nil { 78 return 0, 0, err 79 } 80 return uid, gid, nil 81 }