pool/docker
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
069b069692
docker/0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
Aleksa Sarai 2b14743f6e Accepting request 1190567 from home:cyphar:docker 
- Update to Docker 26.1.5-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/26.1/#2615>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
  * 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
  * 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
  * cli-0001-docs-include-required-tools-in-source-tree.patch

OBS-URL: https://build.opensuse.org/request/show/1190567
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=406
2024-07-31 05:49:49 +00:00

54 lines
2.0 KiB
Diff
Raw Blame History

From 62035ba22a45bde6bed2da321e7ad954f5b461b4 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <cyphar@cyphar.com>
Date: Wed, 19 Jun 2024 16:30:49 +1000
Subject: [PATCH 7/7] bsc1214855: volume: use AtomicWriteFile to save volume
options
If the system (or Docker) crashes while saivng the volume options, on
restart the daemon will error out when trying to read the options file
because it doesn't contain valid JSON.
In such a crash scenario, the new volume will be treated as though it
has the default options configuration. This is not ideal, but volumes
created on very old Docker versions (pre-1.11[1], circa 2016) do not
have opts.json and so doing some kind of cleanup when loading the volume
store (even if we take care to only delete empty volumes) could delete
existing volumes carried over from very old Docker versions that users
would not expect to disappear.
Ultimately, if a user creates a volume and the system crashes, a volume
that has the wrong config is better than Docker not being able to start.
[1]: commit b05b2370757d ("Support mount opts for `local` volume driver")
SUSE-Bugs: https://bugzilla.suse.com/show_bug.cgi?id=1214855
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
---
volume/local/local.go | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/volume/local/local.go b/volume/local/local.go
index 6e96aeea4189..4412f34a3da9 100644
--- a/volume/local/local.go
+++ b/volume/local/local.go
@@ -17,6 +17,7 @@ import (
"github.com/docker/docker/daemon/names"
"github.com/docker/docker/errdefs"
"github.com/docker/docker/pkg/idtools"
+ "github.com/docker/docker/pkg/ioutils"
"github.com/docker/docker/quota"
"github.com/docker/docker/volume"
"github.com/pkg/errors"
@@ -388,7 +389,7 @@ func (v *localVolume) saveOpts() error {
if err != nil {
return err
}
- err = os.WriteFile(filepath.Join(v.rootPath, "opts.json"), b, 0o600)
+ err = ioutils.AtomicWriteFile(filepath.Join(v.rootPath, "opts.json"), b, 0o600)
if err != nil {
return errdefs.System(errors.Wrap(err, "error while persisting volume options"))
}
--
2.45.2
Reference in New Issue View Git Blame Copy Permalink