diff options
| author | David Calavera <david.calavera@gmail.com> | 2016-02-05 15:32:43 -0800 |
|---|---|---|
| committer | David Calavera <david.calavera@gmail.com> | 2016-02-05 15:32:43 -0800 |
| commit | a93cb2b856381dcedbada4fc5b3d3855cfa32fb9 (patch) | |
| tree | ed51c50b89dbd86586410fcf2e23f0bf924f5c09 /daemon/graphdriver | |
| parent | fa8f4aa5395349fafc9e20e579e4973ededb2d9e (diff) | |
| parent | aef0995b02a5a90ad74e6d91901d7bc8a9713796 (diff) | |
| download | docker-a93cb2b856381dcedbada4fc5b3d3855cfa32fb9.tar.gz | |
Merge pull request #20045 from estesp/zfs-userns-permissions-fix
Fix ZFS permissions bug with user namespaces
Diffstat (limited to 'daemon/graphdriver')
| -rw-r--r-- | daemon/graphdriver/zfs/zfs.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/daemon/graphdriver/zfs/zfs.go b/daemon/graphdriver/zfs/zfs.go index e096798348..5cc10d2e26 100644 --- a/daemon/graphdriver/zfs/zfs.go +++ b/daemon/graphdriver/zfs/zfs.go @@ -308,10 +308,14 @@ func (d *Driver) Get(id, mountLabel string) (string, error) { return "", err } - err = mount.Mount(filesystem, mountpoint, "zfs", options) - if err != nil { + if err := mount.Mount(filesystem, mountpoint, "zfs", options); err != nil { return "", fmt.Errorf("error creating zfs mount of %s to %s: %v", filesystem, mountpoint, err) } + // this could be our first mount after creation of the filesystem, and the root dir may still have root + // permissions instead of the remapped root uid:gid (if user namespaces are enabled): + if err := os.Chown(mountpoint, rootUID, rootGID); err != nil { + return "", fmt.Errorf("error modifying zfs mountpoint (%s) directory ownership: %v", mountpoint, err) + } return mountpoint, nil } |