From 4509f2a6d4b5ff7b0cb1df5177bf557950c67d15 Mon Sep 17 00:00:00 2001 From: gaohuatao Date: Tue, 3 Nov 2020 11:17:13 +0800 Subject: [PATCH 18/28] iSulad: add ISULAD_TMPDIR env variable Signed-off-by: gaohuatao --- src/common/constants.h | 2 +- src/contrib/config/iSulad.sysconfig | 4 ++ src/daemon/modules/image/oci/oci_image.c | 17 ++++-- src/daemon/modules/image/oci/oci_load.c | 58 +++++++++++++++---- .../modules/image/oci/registry/registry.c | 31 ++++++++-- src/daemon/modules/image/oci/registry_type.h | 1 - .../modules/image/oci/storage/storage.c | 32 +++++++++- .../modules/image/oci/storage/storage.h | 3 +- src/daemon/modules/image/oci/utils_images.c | 35 +++++++++++ src/daemon/modules/image/oci/utils_images.h | 5 +- 10 files changed, 162 insertions(+), 26 deletions(-) diff --git a/src/common/constants.h b/src/common/constants.h index 52bb0a8..457e242 100644 --- a/src/common/constants.h +++ b/src/common/constants.h @@ -44,7 +44,7 @@ extern "C" { #define LOG_DIRECTORY_MODE 0750 -#define TEMP_DIRECTORY_MODE 0750 +#define TEMP_DIRECTORY_MODE 0700 #define CONSOLE_FIFO_DIRECTORY_MODE 0770 diff --git a/src/contrib/config/iSulad.sysconfig b/src/contrib/config/iSulad.sysconfig index 580d6de..5d222f9 100644 --- a/src/contrib/config/iSulad.sysconfig +++ b/src/contrib/config/iSulad.sysconfig @@ -20,3 +20,7 @@ #SYSMONITOR_OPTIONS='-H unix:///var/run/isulad.sock' #SYSMONITOR_OPTIONS='-H tcp://127.0.0.1:2375' #SYSMONITOR_OPTIONS='-H tcp://127.0.0.1:2375 --tlsverify --tlscacert=/root/.iSulad/ca.pem --tlscert=/root/.iSulad/cert.pem --tlskey=/root/.iSulad/key.pem' + +# Location used for temporary files, such as those created by isula load and pull operations. +# Default is /var/tmp. Can be overridden by setting the following env variable. +# ISULAD_TMPDIR=/var/tmp \ No newline at end of file diff --git a/src/daemon/modules/image/oci/oci_image.c b/src/daemon/modules/image/oci/oci_image.c index f544019..f0ba19c 100644 --- a/src/daemon/modules/image/oci/oci_image.c +++ b/src/daemon/modules/image/oci/oci_image.c @@ -152,13 +152,22 @@ out: static void cleanup_image_tmpdir() { - if (util_recursive_rmdir(IMAGE_TMP_PATH, 0)) { - ERROR("failed to remove directory %s", IMAGE_TMP_PATH); + char *image_tmp_path = NULL; + + image_tmp_path = get_image_tmp_path(); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp path"); + return; + } + + if (util_recursive_rmdir(image_tmp_path, 0)) { + ERROR("failed to remove directory %s", image_tmp_path); } - if (util_mkdir_p(IMAGE_TMP_PATH, 0600)) { - ERROR("failed to create directory %s", IMAGE_TMP_PATH); + if (util_mkdir_p(image_tmp_path, TEMP_DIRECTORY_MODE)) { + ERROR("failed to create directory %s", image_tmp_path); } + free(image_tmp_path); return; } diff --git a/src/daemon/modules/image/oci/oci_load.c b/src/daemon/modules/image/oci/oci_load.c index 5511c04..073ad55 100644 --- a/src/daemon/modules/image/oci/oci_load.c +++ b/src/daemon/modules/image/oci/oci_load.c @@ -44,7 +44,6 @@ #define MANIFEST_BIG_DATA_KEY "manifest" #define OCI_SCHEMA_VERSION 2 -#define OCI_LOAD_TMP_DIR OCI_LOAD_TMP_WORK_DIR "/oci-image-load-XXXXXX" static image_manifest_items_element **load_manifest(const char *fname, size_t *length) { @@ -1008,6 +1007,47 @@ out: return res; } +static char *oci_load_path_create() +{ + int ret = 0; + int nret = 0; + char *oci_load_work_dir = NULL; + char tmp_dir[PATH_MAX] = { 0 }; + + oci_load_work_dir = storage_oci_load_work_dir(); + if (oci_load_work_dir == NULL) { + ERROR("Failed to get oci load work dir"); + isulad_try_set_error_message("Failed to get oci load work dir"); + ret = -1; + goto out; + } + + if (util_mkdir_p(oci_load_work_dir, TEMP_DIRECTORY_MODE) != 0) { + ERROR("Unable to create oci image load tmp work dir:%s", oci_load_work_dir); + isulad_try_set_error_message("Unable to create oci image load tmp work dir:%s", oci_load_work_dir); + ret = -1; + goto out; + } + + nret = snprintf(tmp_dir, PATH_MAX, "%s/oci-image-load-XXXXXX", oci_load_work_dir); + if (nret < 0 || (size_t)nret >= sizeof(tmp_dir)) { + ERROR("Path is too long"); + ret = -1; + goto out; + } + + if (mkdtemp(tmp_dir) == NULL) { + ERROR("make temporary dir failed: %s", strerror(errno)); + isulad_try_set_error_message("make temporary dir failed: %s", strerror(errno)); + ret = -1; + goto out; + } + +out: + free(oci_load_work_dir); + return ret == 0 ? util_strdup_s(tmp_dir) : NULL; +} + int oci_do_load(const im_load_request *request) { int ret = 0; @@ -1019,23 +1059,16 @@ int oci_do_load(const im_load_request *request) size_t manifest_len = 0; load_image_t *im = NULL; char *digest = NULL; - char dstdir[] = OCI_LOAD_TMP_DIR; + char *dstdir = NULL; if (request == NULL || request->file == NULL) { ERROR("Invalid input arguments, cannot load image"); return -1; } - if (util_mkdir_p(OCI_LOAD_TMP_WORK_DIR, TEMP_DIRECTORY_MODE) != 0) { - ERROR("Unable to create oci image load tmp work dir:%s", OCI_LOAD_TMP_WORK_DIR); - isulad_try_set_error_message("Unable to create oci image load tmp work dir:%s", OCI_LOAD_TMP_WORK_DIR); - ret = -1; - goto out; - } - - if (mkdtemp(dstdir) == NULL) { - ERROR("make temporary direcory failed: %s", strerror(errno)); - isulad_try_set_error_message("make temporary direcory failed: %s", strerror(errno)); + dstdir = oci_load_path_create(); + if (dstdir == NULL) { + ERROR("create temporary direcory failed"); ret = -1; goto out; } @@ -1132,5 +1165,6 @@ out: if (util_recursive_rmdir(dstdir, 0)) { WARN("failed to remove directory %s", dstdir); } + free(dstdir); return ret; } diff --git a/src/daemon/modules/image/oci/registry/registry.c b/src/daemon/modules/image/oci/registry/registry.c index 2d38ea5..e4cffdc 100644 --- a/src/daemon/modules/image/oci/registry/registry.c +++ b/src/daemon/modules/image/oci/registry/registry.c @@ -1682,8 +1682,9 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio { int ret = 0; int sret = 0; - char blobpath[] = REGISTRY_TMP_DIR; + char blobpath[PATH_MAX] = { 0 }; char scope[PATH_MAX] = { 0 }; + char *image_tmp_path = NULL; if (desc == NULL || options == NULL) { ERROR("Invalid NULL param"); @@ -1717,6 +1718,20 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio update_host(desc); + image_tmp_path = get_image_tmp_path(); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp work dir"); + ret = -1; + goto out; + } + + sret = snprintf(blobpath, PATH_MAX, "%s/registry-XXXXXX", image_tmp_path); + if (sret < 0 || (size_t)sret > PATH_MAX) { + ERROR("image tmp work path too long"); + ret = -1; + goto out; + } + if (mkdtemp(blobpath) == NULL) { ERROR("make temporary direcory failed: %s", strerror(errno)); ret = -1; @@ -1752,7 +1767,7 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio } out: - + free(image_tmp_path); return ret; } @@ -1844,10 +1859,18 @@ static void cached_layers_kvfree(void *key, void *value) int registry_init(char *auths_dir, char *certs_dir) { int ret = 0; + char *image_tmp_path = NULL; + + image_tmp_path = get_image_tmp_path(); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp path"); + return -1; + } - if (util_mkdir_p(IMAGE_TMP_PATH, 0600)) { - ERROR("failed to create directory %s", IMAGE_TMP_PATH); + if (util_mkdir_p(image_tmp_path, TEMP_DIRECTORY_MODE)) { + ERROR("failed to create directory %s", image_tmp_path); } + free(image_tmp_path); auths_set_dir(auths_dir); certs_set_dir(certs_dir); diff --git a/src/daemon/modules/image/oci/registry_type.h b/src/daemon/modules/image/oci/registry_type.h index 9592587..e2047cb 100644 --- a/src/daemon/modules/image/oci/registry_type.h +++ b/src/daemon/modules/image/oci/registry_type.h @@ -25,7 +25,6 @@ // 8 is enough for challenge, usually only one challenge is provided. #define CHALLENGE_MAX 8 -#define REGISTRY_TMP_DIR IMAGE_TMP_PATH "registry-XXXXXX" #define MAX_LAYER_NUM 125 #define ROOTFS_TYPE "layers" diff --git a/src/daemon/modules/image/oci/storage/storage.c b/src/daemon/modules/image/oci/storage/storage.c index 6e83665..f15531b 100644 --- a/src/daemon/modules/image/oci/storage/storage.c +++ b/src/daemon/modules/image/oci/storage/storage.c @@ -1715,10 +1715,18 @@ out: int storage_module_init(struct storage_module_init_options *opts) { int ret = 0; + char *oci_load_work_dir = NULL; - ret = util_recursive_rmdir(OCI_LOAD_TMP_WORK_DIR, 0); + oci_load_work_dir = storage_oci_load_work_dir(); + if (oci_load_work_dir == NULL) { + ERROR("Get oci load work dir failed"); + ret = -1; + goto out; + } + + ret = util_recursive_rmdir(oci_load_work_dir, 0); if (ret != 0) { - ERROR("failed to remove dir %s", OCI_LOAD_TMP_WORK_DIR); + ERROR("failed to remove dir %s", oci_load_work_dir); goto out; } @@ -1775,5 +1783,25 @@ int storage_module_init(struct storage_module_init_options *opts) } out: + free(oci_load_work_dir); return ret; } + + +char *storage_oci_load_work_dir() +{ + char *isulad_tmp = NULL; + char *oci_load_work_dir = NULL; + + isulad_tmp = oci_get_isulad_tmpdir(); + if (isulad_tmp == NULL) { + ERROR("Failed to get isulad tmp dir"); + goto out; + } + + oci_load_work_dir = util_path_join(isulad_tmp, "isulad-oci-load"); + +out: + free(isulad_tmp); + return oci_load_work_dir; +} \ No newline at end of file diff --git a/src/daemon/modules/image/oci/storage/storage.h b/src/daemon/modules/image/oci/storage/storage.h index d3c4420..b030a3a 100644 --- a/src/daemon/modules/image/oci/storage/storage.h +++ b/src/daemon/modules/image/oci/storage/storage.h @@ -32,7 +32,6 @@ extern "C" { #endif -#define OCI_LOAD_TMP_WORK_DIR "/var/tmp/isulad-oci-load" struct layer { char *id; @@ -180,6 +179,8 @@ int storage_rootfs_umount(const char *container_id, bool force); container_inspect_graph_driver *storage_get_metadata_by_container_id(const char *id); +char *storage_oci_load_work_dir(); + #ifdef __cplusplus } #endif diff --git a/src/daemon/modules/image/oci/utils_images.c b/src/daemon/modules/image/oci/utils_images.c index 42831cc..4bd2b1d 100644 --- a/src/daemon/modules/image/oci/utils_images.c +++ b/src/daemon/modules/image/oci/utils_images.c @@ -39,6 +39,7 @@ // nanos of 2038-01-19T03:14:07, the max valid linux time #define MAX_NANOS 2147483647000000000 +#define ISULAD_DEFAULT_TMP_DIR "/var/tmp" char *get_last_part(char **parts) { @@ -486,3 +487,37 @@ bool oci_valid_time(char *time) return true; } + + +char *oci_get_isulad_tmpdir() +{ + char *isula_tmp = NULL; + + isula_tmp = getenv("ISULAD_TMPDIR"); + if (util_valid_str(isula_tmp) && !util_dir_exists(isula_tmp)) { + if (util_mkdir_p(isula_tmp, TEMP_DIRECTORY_MODE) != 0) { + ERROR("make dir:%s failed", isula_tmp); + return NULL; + } + } + + return util_valid_str(isula_tmp) ? util_strdup_s(isula_tmp) : util_strdup_s(ISULAD_DEFAULT_TMP_DIR); +} + +char *get_image_tmp_path() +{ + char *isulad_tmp = NULL; + char *isula_image = NULL; + + isulad_tmp = oci_get_isulad_tmpdir(); + if (isulad_tmp == NULL) { + ERROR("Failed to get isulad tmp dir"); + goto out; + } + + isula_image = util_path_join(isulad_tmp, "isula-image"); + +out: + free(isulad_tmp); + return isula_image; +} diff --git a/src/daemon/modules/image/oci/utils_images.h b/src/daemon/modules/image/oci/utils_images.h index 4ab4afc..5dedd56 100644 --- a/src/daemon/modules/image/oci/utils_images.h +++ b/src/daemon/modules/image/oci/utils_images.h @@ -39,7 +39,6 @@ extern "C" { #define REPO_PREFIX_TO_STRIP "library/" #define MAX_ID_BUF_LEN 256 -#define IMAGE_TMP_PATH "/var/tmp/isula-image/" char *oci_get_host(const char *name); char *oci_host_from_mirror(const char *mirror); @@ -55,6 +54,10 @@ int add_rootfs_and_history(const layer_blob *layers, size_t layers_len, const re docker_image_config_v2 *config); bool oci_valid_time(char *time); +char *oci_get_isulad_tmpdir(); + +char *get_image_tmp_path(); + #ifdef __cplusplus } #endif -- 2.20.1