chrootarchive

package

v1.4.2-0...-a93e9eb Latest Latest Go to latest Published: May 11, 2020 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/getong/docker

Documentation ¶

Rendered for

Index ¶

func ApplyLayer(dest string, layer io.Reader) (size int64, err error)
func ApplyUncompressedLayer(dest string, layer io.Reader, options *archive.TarOptions) (int64, error)
func NewArchiver(idMapping *idtools.IdentityMapping) *archive.Archiver
func Tar(srcPath string, options *archive.TarOptions, root string) (io.ReadCloser, error)
func Untar(tarArchive io.Reader, dest string, options *archive.TarOptions) error
func UntarUncompressed(tarArchive io.Reader, dest string, options *archive.TarOptions) error
func UntarWithRoot(tarArchive io.Reader, dest string, options *archive.TarOptions, root string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ApplyLayer ¶

func ApplyLayer(dest string, layer io.Reader) (size int64, err error)

ApplyLayer parses a diff in the standard layer format from `layer`, and applies it to the directory `dest`. The stream `layer` can only be uncompressed. Returns the size in bytes of the contents of the layer.

func ApplyUncompressedLayer ¶

func ApplyUncompressedLayer(dest string, layer io.Reader, options *archive.TarOptions) (int64, error)

ApplyUncompressedLayer parses a diff in the standard layer format from `layer`, and applies it to the directory `dest`. The stream `layer` can only be uncompressed. Returns the size in bytes of the contents of the layer.

func NewArchiver ¶

func NewArchiver(idMapping *idtools.IdentityMapping) *archive.Archiver

NewArchiver returns a new Archiver which uses chrootarchive.Untar

func Tar ¶

func Tar(srcPath string, options *archive.TarOptions, root string) (io.ReadCloser, error)

Tar tars the requested path while chrooted to the specified root.

func Untar ¶

func Untar(tarArchive io.Reader, dest string, options *archive.TarOptions) error

Untar reads a stream of bytes from `archive`, parses it as a tar archive, and unpacks it into the directory at `dest`. The archive may be compressed with one of the following algorithms:

identity (uncompressed), gzip, bzip2, xz.

func UntarUncompressed ¶

func UntarUncompressed(tarArchive io.Reader, dest string, options *archive.TarOptions) error

UntarUncompressed reads a stream of bytes from `archive`, parses it as a tar archive, and unpacks it into the directory at `dest`. The archive must be an uncompressed stream.

func UntarWithRoot ¶

func UntarWithRoot(tarArchive io.Reader, dest string, options *archive.TarOptions, root string) error

UntarWithRoot is the same as `Untar`, but allows you to pass in a root directory The root directory is the directory that will be chrooted to. `dest` must be a path within `root`, if it is not an error will be returned.

`root` should set to a directory which is not controlled by any potentially malicious process.

This should be used to prevent a potential attacker from manipulating `dest` such that it would provide access to files outside of `dest` through things like symlinks. Normally `ResolveSymlinksInScope` would handle this, however sanitizing symlinks in this manner is inherrently racey: ref: CVE-2018-15664

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL