func verifyRange(name string, idmap shared.IdmapEntry, c containers) (int, int, error) {
lineage := strings.Split(name, "/")
if len(lineage) == 1 {
return idmap.Hostid, idmap.Hostid + idmap.Maprange, nil
}
last := len(lineage) - 1
pname := strings.Join(lineage[0:last], "/")
parent, ok := c[pname]
if !ok || parent.hostmin == -1 {
return 0, 0, fmt.Errorf("Parent for %s (%s) is undefined", name, pname)
}
pidmap := parent.idmap.Idmap[0]
if idmap.Nsid+idmap.Maprange >= pidmap.Nsid+pidmap.Maprange || idmap.Hostid < pidmap.Nsid {
return 0, 0, fmt.Errorf("Mapping for %s exceeds its parent's, parentids should be between %d - %d",
name, pidmap.Nsid, pidmap.Nsid+pidmap.Maprange-1)
}
// make an idmap shifting the parent's mapping straight onto the host
absstr := fmt.Sprintf("b:%d:%d:%d", pidmap.Nsid, parent.hostmin, pidmap.Maprange)
m := shared.IdmapSet{}
m, err := m.Append(absstr)
if err != nil {
return 0, 0, err
}
// map the desired 'hostid' (which is really the parent-ns-id) onto the host
hoststart, _ := m.ShiftIntoNs(idmap.Hostid, idmap.Hostid)
hostend := hoststart + idmap.Maprange
return hoststart, hostend, nil
}
func containerFilePut(pid int, r *http.Request, p string, idmapset *shared.IdmapSet) Response {
uid, gid, mode, err := shared.ParseLXDFileHeaders(r.Header)
if err != nil {
return BadRequest(err)
}
uid, gid = idmapset.ShiftIntoNs(uid, gid)
if uid == -1 || gid == -1 {
return BadRequest(fmt.Errorf("unmapped uid or gid specified"))
}
temp, err := ioutil.TempFile("", "lxd_forkputfile_")
if err != nil {
return InternalError(err)
}
defer func() {
temp.Close()
os.Remove(temp.Name())
}()
_, err = io.Copy(temp, r.Body)
if err != nil {
return InternalError(err)
}
cmd := exec.Command(
os.Args[0],
"forkputfile",
temp.Name(),
fmt.Sprintf("%d", pid),
p,
fmt.Sprintf("%d", uid),
fmt.Sprintf("%d", gid),
fmt.Sprintf("%d", mode&os.ModePerm),
)
out, err := cmd.CombinedOutput()
if err != nil {
return InternalError(fmt.Errorf("%s: %s", err.Error(), string(out)))
}
return EmptySyncResponse
}
func containerFilePut(d *Daemon, pid int, r *http.Request, p string, idmapset *shared.IdmapSet) Response {
uid, gid, mode := shared.ParseLXDFileHeaders(r.Header)
if idmapset != nil {
uid, gid = idmapset.ShiftIntoNs(uid, gid)
}
temp, err := ioutil.TempFile("", "lxd_forkputfile_")
if err != nil {
return InternalError(err)
}
defer func() {
temp.Close()
os.Remove(temp.Name())
}()
_, err = io.Copy(temp, r.Body)
if err != nil {
return InternalError(err)
}
cmd := exec.Command(
d.execPath,
"forkputfile",
temp.Name(),
fmt.Sprintf("%d", pid),
p,
fmt.Sprintf("%d", uid),
fmt.Sprintf("%d", gid),
fmt.Sprintf("%d", mode&os.ModePerm),
)
out, err := cmd.CombinedOutput()
if err != nil {
return InternalError(fmt.Errorf(strings.TrimRight(string(out), "\n")))
}
return EmptySyncResponse
}