// overlayRender renders the image that corresponds to the given hash using the
// overlay filesystem.
// It writes the manifest in the specified directory and mounts an overlay
// filesystem from the cached tree of the image as rootfs.
func overlayRender(cfg RunConfig, img types.Hash, cdir string, dest string) error {
if err := writeManifest(cfg.CommonConfig, img, dest); err != nil {
return err
}
destRootfs := path.Join(dest, "rootfs")
if err := os.MkdirAll(destRootfs, 0755); err != nil {
return err
}
cachedTreePath := cfg.Store.GetTreeStoreRootFS(img.String())
overlayDir := path.Join(cdir, "overlay", img.String())
if err := os.MkdirAll(overlayDir, 0755); err != nil {
return err
}
upperDir := path.Join(overlayDir, "upper")
if err := os.MkdirAll(upperDir, 0755); err != nil {
return err
}
workDir := path.Join(overlayDir, "work")
if err := os.MkdirAll(workDir, 0755); err != nil {
return err
}
opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", cachedTreePath, upperDir, workDir)
opts = label.FormatMountLabel(opts, cfg.MountLabel)
if err := syscall.Mount("overlay", destRootfs, "overlay", 0, opts); err != nil {
return fmt.Errorf("error mounting: %v", err)
}
return nil
}
// overlayRender renders the image that corresponds to the given hash using the
// overlay filesystem.
// It mounts an overlay filesystem from the cached tree of the image as rootfs.
func overlayRender(cfg RunConfig, treeStoreID string, cdir string, dest string, appName string) error {
destRootfs := path.Join(dest, "rootfs")
if err := os.MkdirAll(destRootfs, defaultRegularDirPerm); err != nil {
return err
}
cachedTreePath := cfg.Store.GetTreeStoreRootFS(treeStoreID)
overlayDir := path.Join(cdir, "overlay")
if err := os.MkdirAll(overlayDir, defaultRegularDirPerm); err != nil {
return err
}
// Since the parent directory (rkt/pods/$STATE/$POD_UUID) has the 'S_ISGID' bit, here
// we need to explicitly turn the bit off when creating this overlay
// directory so that it won't inherit the bit. Otherwise the files
// created by users within the pod will inherit the 'S_ISGID' bit
// as well.
if err := os.Chmod(overlayDir, defaultRegularDirPerm); err != nil {
return err
}
imgDir := path.Join(overlayDir, treeStoreID)
if err := os.MkdirAll(imgDir, defaultRegularDirPerm); err != nil {
return err
}
// Also make 'rkt/pods/$STATE/$POD_UUID/overlay/$IMAGE_ID' to be readable by 'rkt' group
// As 'rkt' status will read the 'rkt/pods/$STATE/$POD_UUID/overlay/$IMAGE_ID/upper/rkt/status/$APP'
// to get exit status.
if err := os.Chown(imgDir, -1, cfg.RktGid); err != nil {
return err
}
upperDir := path.Join(imgDir, "upper", appName)
if err := os.MkdirAll(upperDir, defaultRegularDirPerm); err != nil {
return err
}
if err := label.SetFileLabel(upperDir, cfg.MountLabel); err != nil {
return err
}
workDir := path.Join(imgDir, "work", appName)
if err := os.MkdirAll(workDir, defaultRegularDirPerm); err != nil {
return err
}
if err := label.SetFileLabel(workDir, cfg.MountLabel); err != nil {
return err
}
opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", cachedTreePath, upperDir, workDir)
opts = label.FormatMountLabel(opts, cfg.MountLabel)
if err := syscall.Mount("overlay", destRootfs, "overlay", 0, opts); err != nil {
return fmt.Errorf("error mounting: %v", err)
}
return nil
}
// Mount mounts the upper and lower directories to the destination directory.
// The MountCfg struct supplies information required to build the mount system
// call.
func Mount(cfg *MountCfg) error {
opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", cfg.Lower, cfg.Upper, cfg.Work)
opts = label.FormatMountLabel(opts, cfg.Lbl)
if err := syscall.Mount("overlay", cfg.Dest, "overlay", 0, opts); err != nil {
return errwrap.Wrap(fmt.Errorf("error mounting overlay with options '%s' and dest '%s'", opts, cfg.Dest), err)
}
return nil
}
// overlayRender renders the image that corresponds to the given hash using the
// overlay filesystem.
// It mounts an overlay filesystem from the cached tree of the image as rootfs.
func overlayRender(cfg RunConfig, treeStoreID string, cdir string, dest string, appName string) error {
destRootfs := path.Join(dest, "rootfs")
if err := os.MkdirAll(destRootfs, 0755); err != nil {
return err
}
cachedTreePath := cfg.Store.GetTreeStoreRootFS(treeStoreID)
overlayDir := path.Join(cdir, "overlay", treeStoreID)
if err := os.MkdirAll(overlayDir, 0755); err != nil {
return err
}
upperDir := path.Join(overlayDir, "upper", appName)
if err := os.MkdirAll(upperDir, 0755); err != nil {
return err
}
if err := label.SetFileLabel(upperDir, cfg.MountLabel); err != nil {
return err
}
workDir := path.Join(overlayDir, "work", appName)
if err := os.MkdirAll(workDir, 0755); err != nil {
return err
}
if err := label.SetFileLabel(workDir, cfg.MountLabel); err != nil {
return err
}
opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", cachedTreePath, upperDir, workDir)
opts = label.FormatMountLabel(opts, cfg.MountLabel)
if err := syscall.Mount("overlay", destRootfs, "overlay", 0, opts); err != nil {
return fmt.Errorf("error mounting: %v", err)
}
return nil
}