diff --git a/pkg/util/mount/fake.go b/pkg/util/mount/fake.go index 6e1fd4ec875..e594d3f0f86 100644 --- a/pkg/util/mount/fake.go +++ b/pkg/util/mount/fake.go @@ -261,10 +261,10 @@ func (hu *FakeHostUtil) EvalHostSymlinks(pathname string) (string, error) { return pathname, nil } -// GetFSGroup returns FSGroup of pathname. +// GetOwner returns the integer ID for the user and group of the given path // Not implemented for testing -func (hu *FakeHostUtil) GetFSGroup(pathname string) (int64, error) { - return -1, errors.New("GetFSGroup not implemented") +func (hu *FakeHostUtil) GetOwner(pathname string) (int64, int64, error) { + return -1, -1, errors.New("GetOwner not implemented") } // GetSELinuxSupport tests if pathname is on a mount that supports SELinux. diff --git a/pkg/util/mount/mount.go b/pkg/util/mount/mount.go index f7dfac49cf8..476f1f7844b 100644 --- a/pkg/util/mount/mount.go +++ b/pkg/util/mount/mount.go @@ -95,8 +95,8 @@ type HostUtils interface { ExistsPath(pathname string) (bool, error) // EvalHostSymlinks returns the path name after evaluating symlinks. EvalHostSymlinks(pathname string) (string, error) - // GetFSGroup returns FSGroup of the path. - GetFSGroup(pathname string) (int64, error) + // GetOwner returns the integer ID for the user and group of the given path + GetOwner(pathname string) (int64, int64, error) // GetSELinuxSupport returns true if given path is on a mount that supports // SELinux. GetSELinuxSupport(pathname string) (bool, error) diff --git a/pkg/util/mount/mount_linux.go b/pkg/util/mount/mount_linux.go index 19cd42da89b..a29d4f83e0d 100644 --- a/pkg/util/mount/mount_linux.go +++ b/pkg/util/mount/mount_linux.go @@ -758,26 +758,28 @@ func (hu *hostUtil) GetSELinuxSupport(pathname string) (bool, error) { return GetSELinux(pathname, procMountInfoPath) } -func (hu *hostUtil) GetFSGroup(pathname string) (int64, error) { +// GetOwner returns the integer ID for the user and group of the given path +func (hu *hostUtil) GetOwner(pathname string) (int64, int64, error) { realpath, err := filepath.EvalSymlinks(pathname) if err != nil { - return 0, err + return -1, -1, err } - return GetFSGroupLinux(realpath) + return GetOwnerLinux(realpath) } func (hu *hostUtil) GetMode(pathname string) (os.FileMode, error) { return GetModeLinux(pathname) } -// GetFSGroupLinux is shared between Linux and NsEnterMounter +// GetOwnerLinux is shared between Linux and NsEnterMounter // pathname must already be evaluated for symlinks -func GetFSGroupLinux(pathname string) (int64, error) { +func GetOwnerLinux(pathname string) (int64, int64, error) { info, err := os.Stat(pathname) if err != nil { - return 0, err + return -1, -1, err } - return int64(info.Sys().(*syscall.Stat_t).Gid), nil + stat := info.Sys().(*syscall.Stat_t) + return int64(stat.Uid), int64(stat.Gid), nil } // GetModeLinux is shared between Linux and NsEnterMounter diff --git a/pkg/util/mount/mount_unsupported.go b/pkg/util/mount/mount_unsupported.go index 1ae29b3bfa1..acf03b81d76 100644 --- a/pkg/util/mount/mount_unsupported.go +++ b/pkg/util/mount/mount_unsupported.go @@ -130,8 +130,9 @@ func (hu *hostUtil) EvalHostSymlinks(pathname string) (string, error) { return "", errUnsupported } -func (hu *hostUtil) GetFSGroup(pathname string) (int64, error) { - return -1, errUnsupported +// GetOwner returns the integer ID for the user and group of the given path +func (hu *hostUtil) GetOwner(pathname string) (int64, int64, error) { + return -1, -1, errUnsupported } func (hu *hostUtil) GetSELinuxSupport(pathname string) (bool, error) { diff --git a/pkg/util/mount/mount_windows.go b/pkg/util/mount/mount_windows.go index 30f86c0cd53..76ee0dbd336 100644 --- a/pkg/util/mount/mount_windows.go +++ b/pkg/util/mount/mount_windows.go @@ -403,10 +403,11 @@ func (hu *hostUtil) EvalHostSymlinks(pathname string) (string, error) { return filepath.EvalSymlinks(pathname) } -// Note that on windows, it always returns 0. We actually don't set FSGroup on +// GetOwner returns the integer ID for the user and group of the given path +// Note that on windows, it always returns 0. We actually don't set Group on // windows platform, see SetVolumeOwnership implementation. -func (hu *hostUtil) GetFSGroup(pathname string) (int64, error) { - return 0, nil +func (hu *hostUtil) GetOwner(pathname string) (int64, int64, error) { + return -1, -1, nil } func (hu *hostUtil) GetSELinuxSupport(pathname string) (bool, error) { diff --git a/pkg/volume/local/local.go b/pkg/volume/local/local.go index 4e42c27c117..88ce005eeac 100644 --- a/pkg/volume/local/local.go +++ b/pkg/volume/local/local.go @@ -25,7 +25,7 @@ import ( "k8s.io/klog" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/tools/record" @@ -480,7 +480,7 @@ func (m *localVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) refs = m.filterPodMounts(refs) if len(refs) > 0 { fsGroupNew := int64(*mounterArgs.FsGroup) - fsGroupOld, err := m.hostUtil.GetFSGroup(m.globalPath) + _, fsGroupOld, err := m.hostUtil.GetOwner(m.globalPath) if err != nil { return fmt.Errorf("failed to check fsGroup for %s (%v)", m.globalPath, err) } diff --git a/pkg/volume/util/nsenter/nsenter_mount.go b/pkg/volume/util/nsenter/nsenter_mount.go index 001be408e7d..6eda996b213 100644 --- a/pkg/volume/util/nsenter/nsenter_mount.go +++ b/pkg/volume/util/nsenter/nsenter_mount.go @@ -334,14 +334,14 @@ func (hu *hostUtil) EvalHostSymlinks(pathname string) (string, error) { return hu.ne.EvalSymlinks(pathname, true) } -// GetFSGroup returns FSGroup of pathname. -func (hu *hostUtil) GetFSGroup(pathname string) (int64, error) { +// GetOwner returns the integer ID for the user and group of the given path +func (hu *hostUtil) GetOwner(pathname string) (int64, int64, error) { hostPath, err := hu.ne.EvalSymlinks(pathname, true /* mustExist */) if err != nil { - return -1, err + return -1, -1, err } kubeletpath := hu.ne.KubeletPath(hostPath) - return mount.GetFSGroupLinux(kubeletpath) + return mount.GetOwnerLinux(kubeletpath) } // GetSELinuxSupport tests if pathname is on a mount that supports SELinux. diff --git a/pkg/volume/util/nsenter/nsenter_mount_unsupported.go b/pkg/volume/util/nsenter/nsenter_mount_unsupported.go index e76a0667672..be88283a4fd 100644 --- a/pkg/volume/util/nsenter/nsenter_mount_unsupported.go +++ b/pkg/volume/util/nsenter/nsenter_mount_unsupported.go @@ -134,9 +134,9 @@ func (*hostUtil) EvalHostSymlinks(pathname string) (string, error) { return "", errors.New("not implemented") } -// GetFSGroup returns FSGroup of pathname. Always returns an error on unsupported platforms -func (*hostUtil) GetFSGroup(pathname string) (int64, error) { - return -1, errors.New("not implemented") +// GetOwner returns the integer ID for the user and group of the given path +func (*hostUtil) GetOwner(pathname string) (int64, int64, error) { + return -1, -1, errors.New("not implemented") } // GetSELinuxSupport tests if pathname is on a mount that supports SELinux.