Bump github.com/containers/storage from 1.41.0 to 1.42.0

Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.41.0 to 1.42.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.41.0...v1.42.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2025-09-25 04:11:36 +00:00 · 2022-07-22 08:17:06 +00:00
parent ad12a292a3
commit b42e664854
133 changed files with 5213 additions and 2557 deletions
--- a/vendor/github.com/containers/storage/pkg/idtools/idtools.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/idtools.go
@@ -6,6 +6,7 @@ import (
 	"io/ioutil"
 	"os"
 	"os/user"
+	"runtime"
 	"sort"
 	"strconv"
 	"strings"
@@ -13,7 +14,6 @@ import (
 	"syscall"

 	"github.com/containers/storage/pkg/system"
-	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )

@@ -38,8 +38,9 @@ func (e ranges) Swap(i, j int)      { e[i], e[j] = e[j], e[i] }
 func (e ranges) Less(i, j int) bool { return e[i].Start < e[j].Start }

 const (
-	subuidFileName string = "/etc/subuid"
-	subgidFileName string = "/etc/subgid"
+	subuidFileName          string = "/etc/subuid"
+	subgidFileName          string = "/etc/subgid"
+	ContainersOverrideXattr        = "user.containers.override_stat"
 )

 // MkdirAllAs creates a directory (include any along the path) and then modifies
@@ -118,7 +119,7 @@ func RawToContainer(hostID int, idMap []IDMap) (int, error) {
 			return contID, nil
 		}
 	}
-	return -1, fmt.Errorf("Host ID %d cannot be mapped to a container ID", hostID)
+	return -1, fmt.Errorf("host ID %d cannot be mapped to a container ID", hostID)
 }

 // RawToHost takes an id mapping and a remapped ID, and translates the ID to
@@ -138,7 +139,7 @@ func RawToHost(contID int, idMap []IDMap) (int, error) {
 			return hostID, nil
 		}
 	}
-	return -1, fmt.Errorf("Container ID %d cannot be mapped to a host ID", contID)
+	return -1, fmt.Errorf("container ID %d cannot be mapped to a host ID", contID)
 }

 // IDPair is a UID and GID pair
@@ -166,10 +167,10 @@ func NewIDMappings(username, groupname string) (*IDMappings, error) {
 		return nil, err
 	}
 	if len(subuidRanges) == 0 {
-		return nil, fmt.Errorf("No subuid ranges found for user %q in %s", username, subuidFileName)
+		return nil, fmt.Errorf("no subuid ranges found for user %q in %s", username, subuidFileName)
 	}
 	if len(subgidRanges) == 0 {
-		return nil, fmt.Errorf("No subgid ranges found for group %q in %s", groupname, subgidFileName)
+		return nil, fmt.Errorf("no subgid ranges found for group %q in %s", groupname, subgidFileName)
 	}

 	return &IDMappings{
@@ -341,16 +342,16 @@ func parseSubidFile(path, username string) (ranges, error) {
 		}
 		parts := strings.Split(text, ":")
 		if len(parts) != 3 {
-			return rangeList, fmt.Errorf("Cannot parse subuid/gid information: Format not correct for %s file", path)
+			return rangeList, fmt.Errorf("cannot parse subuid/gid information: Format not correct for %s file", path)
 		}
 		if parts[0] == username || username == "ALL" || (parts[0] == uidstr && parts[0] != "") {
 			startid, err := strconv.Atoi(parts[1])
 			if err != nil {
-				return rangeList, fmt.Errorf("String to int conversion failed during subuid/gid parsing of %s: %v", path, err)
+				return rangeList, fmt.Errorf("string to int conversion failed during subuid/gid parsing of %s: %w", path, err)
 			}
 			length, err := strconv.Atoi(parts[2])
 			if err != nil {
-				return rangeList, fmt.Errorf("String to int conversion failed during subuid/gid parsing of %s: %v", path, err)
+				return rangeList, fmt.Errorf("string to int conversion failed during subuid/gid parsing of %s: %w", path, err)
 			}
 			rangeList = append(rangeList, subIDRange{startid, length})
 		}
@@ -360,12 +361,31 @@ func parseSubidFile(path, username string) (ranges, error) {

 func checkChownErr(err error, name string, uid, gid int) error {
 	if e, ok := err.(*os.PathError); ok && e.Err == syscall.EINVAL {
-		return errors.Wrapf(err, "potentially insufficient UIDs or GIDs available in user namespace (requested %d:%d for %s): Check /etc/subuid and /etc/subgid if configured locally and run podman-system-migrate", uid, gid, name)
+		return fmt.Errorf("potentially insufficient UIDs or GIDs available in user namespace (requested %d:%d for %s): Check /etc/subuid and /etc/subgid if configured locally and run podman-system-migrate: %w", uid, gid, name, err)
 	}
 	return err
 }

 func SafeChown(name string, uid, gid int) error {
+	if runtime.GOOS == "darwin" {
+		var mode uint64 = 0o0700
+		xstat, err := system.Lgetxattr(name, ContainersOverrideXattr)
+		if err == nil {
+			attrs := strings.Split(string(xstat), ":")
+			if len(attrs) == 3 {
+				val, err := strconv.ParseUint(attrs[2], 8, 32)
+				if err == nil {
+					mode = val
+				}
+			}
+		}
+		value := fmt.Sprintf("%d:%d:0%o", uid, gid, mode)
+		if err = system.Lsetxattr(name, ContainersOverrideXattr, []byte(value), 0); err != nil {
+			return err
+		}
+		uid = os.Getuid()
+		gid = os.Getgid()
+	}
 	if stat, statErr := system.Stat(name); statErr == nil {
 		if stat.UID() == uint32(uid) && stat.GID() == uint32(gid) {
 			return nil
@@ -375,6 +395,25 @@ func SafeChown(name string, uid, gid int) error {
 }

 func SafeLchown(name string, uid, gid int) error {
+	if runtime.GOOS == "darwin" {
+		var mode uint64 = 0o0700
+		xstat, err := system.Lgetxattr(name, ContainersOverrideXattr)
+		if err == nil {
+			attrs := strings.Split(string(xstat), ":")
+			if len(attrs) == 3 {
+				val, err := strconv.ParseUint(attrs[2], 8, 32)
+				if err == nil {
+					mode = val
+				}
+			}
+		}
+		value := fmt.Sprintf("%d:%d:0%o", uid, gid, mode)
+		if err = system.Lsetxattr(name, ContainersOverrideXattr, []byte(value), 0); err != nil {
+			return err
+		}
+		uid = os.Getuid()
+		gid = os.Getgid()
+	}
 	if stat, statErr := system.Lstat(name); statErr == nil {
 		if stat.UID() == uint32(uid) && stat.GID() == uint32(gid) {
 			return nil
--- a/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go
@@ -1,11 +1,12 @@
+//go:build linux && cgo && libsubid
 // +build linux,cgo,libsubid

 package idtools

 import (
+	"errors"
+	"os/user"
 	"unsafe"
-
-	"github.com/pkg/errors"
 )

 /*
@@ -32,19 +33,34 @@ import "C"

 func readSubid(username string, isUser bool) (ranges, error) {
 	var ret ranges
+	uidstr := ""
+
 	if username == "ALL" {
 		return nil, errors.New("username ALL not supported")
 	}

+	if u, err := user.Lookup(username); err == nil {
+		uidstr = u.Uid
+	}
+
 	cUsername := C.CString(username)
 	defer C.free(unsafe.Pointer(cUsername))

+	cuidstr := C.CString(uidstr)
+	defer C.free(unsafe.Pointer(cuidstr))
+
 	var nRanges C.int
 	var cRanges *C.struct_subid_range
 	if isUser {
 		nRanges = C.subid_get_uid_ranges(cUsername, &cRanges)
+		if nRanges <= 0 {
+			nRanges = C.subid_get_uid_ranges(cuidstr, &cRanges)
+		}
 	} else {
 		nRanges = C.subid_get_gid_ranges(cUsername, &cRanges)
+		if nRanges <= 0 {
+			nRanges = C.subid_get_gid_ranges(cuidstr, &cRanges)
+		}
 	}
 	if nRanges < 0 {
 		return nil, errors.New("cannot read subids")
--- a/vendor/github.com/containers/storage/pkg/idtools/idtools_unix.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/idtools_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package idtools
--- a/vendor/github.com/containers/storage/pkg/idtools/parser.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/parser.go
@@ -11,22 +11,22 @@ import (
 func parseTriple(spec []string) (container, host, size uint32, err error) {
 	cid, err := strconv.ParseUint(spec[0], 10, 32)
 	if err != nil {
-		return 0, 0, 0, fmt.Errorf("error parsing id map value %q: %v", spec[0], err)
+		return 0, 0, 0, fmt.Errorf("parsing id map value %q: %w", spec[0], err)
 	}
 	hid, err := strconv.ParseUint(spec[1], 10, 32)
 	if err != nil {
-		return 0, 0, 0, fmt.Errorf("error parsing id map value %q: %v", spec[1], err)
+		return 0, 0, 0, fmt.Errorf("parsing id map value %q: %w", spec[1], err)
 	}
 	sz, err := strconv.ParseUint(spec[2], 10, 32)
 	if err != nil {
-		return 0, 0, 0, fmt.Errorf("error parsing id map value %q: %v", spec[2], err)
+		return 0, 0, 0, fmt.Errorf("parsing id map value %q: %w", spec[2], err)
 	}
 	return uint32(cid), uint32(hid), uint32(sz), nil
 }

 // ParseIDMap parses idmap triples from string.
 func ParseIDMap(mapSpec []string, mapSetting string) (idmap []IDMap, err error) {
-	stdErr := fmt.Errorf("error initializing ID mappings: %s setting is malformed expected [\"uint32:uint32:uint32\"]: %q", mapSetting, mapSpec)
+	stdErr := fmt.Errorf("initializing ID mappings: %s setting is malformed expected [\"uint32:uint32:uint32\"]: %q", mapSetting, mapSpec)
 	for _, idMapSpec := range mapSpec {
 		if idMapSpec == "" {
 			continue
--- a/vendor/github.com/containers/storage/pkg/idtools/usergroupadd_linux.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/usergroupadd_linux.go
@@ -37,32 +37,32 @@ var (
 // mapping ranges in containers.
 func AddNamespaceRangesUser(name string) (int, int, error) {
 	if err := addUser(name); err != nil {
-		return -1, -1, fmt.Errorf("Error adding user %q: %v", name, err)
+		return -1, -1, fmt.Errorf("adding user %q: %w", name, err)
 	}

 	// Query the system for the created uid and gid pair
 	out, err := execCmd("id", name)
 	if err != nil {
-		return -1, -1, fmt.Errorf("Error trying to find uid/gid for new user %q: %v", name, err)
+		return -1, -1, fmt.Errorf("trying to find uid/gid for new user %q: %w", name, err)
 	}
 	matches := idOutRegexp.FindStringSubmatch(strings.TrimSpace(string(out)))
 	if len(matches) != 3 {
-		return -1, -1, fmt.Errorf("Can't find uid, gid from `id` output: %q", string(out))
+		return -1, -1, fmt.Errorf("can't find uid, gid from `id` output: %q", string(out))
 	}
 	uid, err := strconv.Atoi(matches[1])
 	if err != nil {
-		return -1, -1, fmt.Errorf("Can't convert found uid (%s) to int: %v", matches[1], err)
+		return -1, -1, fmt.Errorf("can't convert found uid (%s) to int: %w", matches[1], err)
 	}
 	gid, err := strconv.Atoi(matches[2])
 	if err != nil {
-		return -1, -1, fmt.Errorf("Can't convert found gid (%s) to int: %v", matches[2], err)
+		return -1, -1, fmt.Errorf("can't convert found gid (%s) to int: %w", matches[2], err)
 	}

 	// Now we need to create the subuid/subgid ranges for our new user/group (system users
 	// do not get auto-created ranges in subuid/subgid)

 	if err := createSubordinateRanges(name); err != nil {
-		return -1, -1, fmt.Errorf("Couldn't create subordinate ID ranges: %v", err)
+		return -1, -1, fmt.Errorf("couldn't create subordinate ID ranges: %w", err)
 	}
 	return uid, gid, nil
 }
@@ -77,12 +77,12 @@ func addUser(userName string) error {
 		}
 	})
 	if userCommand == "" {
-		return fmt.Errorf("Cannot add user; no useradd/adduser binary found")
+		return fmt.Errorf("cannot add user; no useradd/adduser binary found")
 	}
 	args := fmt.Sprintf(cmdTemplates[userCommand], userName)
 	out, err := execCmd(userCommand, args)
 	if err != nil {
-		return fmt.Errorf("Failed to add user with error: %v; output: %q", err, string(out))
+		return fmt.Errorf("failed to add user with error: %w; output: %q", err, string(out))
 	}
 	return nil
 }
@@ -93,33 +93,33 @@ func createSubordinateRanges(name string) error {
 	// by the distro tooling
 	ranges, err := readSubuid(name)
 	if err != nil {
-		return fmt.Errorf("Error while looking for subuid ranges for user %q: %v", name, err)
+		return fmt.Errorf("while looking for subuid ranges for user %q: %w", name, err)
 	}
 	if len(ranges) == 0 {
 		// no UID ranges; let's create one
 		startID, err := findNextUIDRange()
 		if err != nil {
-			return fmt.Errorf("Can't find available subuid range: %v", err)
+			return fmt.Errorf("can't find available subuid range: %w", err)
 		}
 		out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "v", startID, startID+defaultRangeLen-1, name))
 		if err != nil {
-			return fmt.Errorf("Unable to add subuid range to user: %q; output: %s, err: %v", name, out, err)
+			return fmt.Errorf("unable to add subuid range to user: %q; output: %s, err: %w", name, out, err)
 		}
 	}

 	ranges, err = readSubgid(name)
 	if err != nil {
-		return fmt.Errorf("Error while looking for subgid ranges for user %q: %v", name, err)
+		return fmt.Errorf("while looking for subgid ranges for user %q: %w", name, err)
 	}
 	if len(ranges) == 0 {
 		// no GID ranges; let's create one
 		startID, err := findNextGIDRange()
 		if err != nil {
-			return fmt.Errorf("Can't find available subgid range: %v", err)
+			return fmt.Errorf("can't find available subgid range: %w", err)
 		}
 		out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "w", startID, startID+defaultRangeLen-1, name))
 		if err != nil {
-			return fmt.Errorf("Unable to add subgid range to user: %q; output: %s, err: %v", name, out, err)
+			return fmt.Errorf("unable to add subgid range to user: %q; output: %s, err: %w", name, out, err)
 		}
 	}
 	return nil
@@ -128,7 +128,7 @@ func createSubordinateRanges(name string) error {
 func findNextUIDRange() (int, error) {
 	ranges, err := readSubuid("ALL")
 	if err != nil {
-		return -1, fmt.Errorf("Couldn't parse all ranges in /etc/subuid file: %v", err)
+		return -1, fmt.Errorf("couldn't parse all ranges in /etc/subuid file: %w", err)
 	}
 	sort.Sort(ranges)
 	return findNextRangeStart(ranges)
@@ -137,7 +137,7 @@ func findNextUIDRange() (int, error) {
 func findNextGIDRange() (int, error) {
 	ranges, err := readSubgid("ALL")
 	if err != nil {
-		return -1, fmt.Errorf("Couldn't parse all ranges in /etc/subgid file: %v", err)
+		return -1, fmt.Errorf("couldn't parse all ranges in /etc/subgid file: %w", err)
 	}
 	sort.Sort(ranges)
 	return findNextRangeStart(ranges)
--- a/vendor/github.com/containers/storage/pkg/idtools/usergroupadd_unsupported.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/usergroupadd_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux

 package idtools
@@ -8,5 +9,5 @@ import "fmt"
 // and calls the appropriate helper function to add the group and then
 // the user to the group in /etc/group and /etc/passwd respectively.
 func AddNamespaceRangesUser(name string) (int, int, error) {
-	return -1, -1, fmt.Errorf("No support for adding users or groups on this OS")
+	return -1, -1, fmt.Errorf("no support for adding users or groups on this OS")
 }
--- a/vendor/github.com/containers/storage/pkg/idtools/utils_unix.go
+++ b/vendor/github.com/containers/storage/pkg/idtools/utils_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package idtools
@@ -23,7 +24,7 @@ func resolveBinary(binname string) (string, error) {
 	if filepath.Base(resolvedPath) == binname {
 		return resolvedPath, nil
 	}
-	return "", fmt.Errorf("Binary %q does not resolve to a binary of that name in $PATH (%q)", binname, resolvedPath)
+	return "", fmt.Errorf("binary %q does not resolve to a binary of that name in $PATH (%q)", binname, resolvedPath)
 }

 func execCmd(cmd, args string) ([]byte, error) {