def _is_seccomp_patched(self, executable):
"""Check if kernel has ptrace/seccomp fixes added
on 4.8.0.
Only required for kernels below 4.8.0 to check
if the patch has been backported e.g CentOS 7
"""
if "PROOT_NEW_SECCOMP" in os.environ:
return True
if ("PROOT_NO_SECCOMP" in os.environ or self.proot_noseccomp
or HostInfo().oskernel_isgreater([4, 8, 0])):
return False
host_file = self.container_dir + "/osenv.json"
host_info = self._is_same_osenv(host_file)
if host_info:
if "PROOT_NEW_SECCOMP" in host_info:
return True
return False
out = Uprocess().get_output(
[executable, "-r", "/", executable, "--help"])
if not out:
os.environ["PROOT_NEW_SECCOMP"] = "1"
out = Uprocess().get_output(
[executable, "-r", "/", executable, "--help"])
del os.environ["PROOT_NEW_SECCOMP"]
if out:
self._save_osenv(host_file, dict([
("PROOT_NEW_SECCOMP", 1),
]))
return True
self._save_osenv(host_file)
return False
def _apply_whiteouts(self, tarf, destdir):
"""The layered filesystem of docker uses whiteout files
to identify files or directories to be removed.
The format is .wh.<filename>
"""
verbose = ""
if Msg.level >= Msg.VER:
verbose = 'v'
Msg().out("Info: applying whiteouts:", tarf, l=Msg.INF)
wildcards = [
"--wildcards",
]
if not HostInfo().cmd_has_option("tar", wildcards[0]):
wildcards = []
cmd = ["tar", "t" + verbose] + wildcards + ["-f", tarf, r"*/.wh.*"]
whiteouts = Uprocess().get_output(cmd, True)
if not whiteouts:
return
for wh_filename in whiteouts.split('\n'):
if wh_filename:
wh_basename = os.path.basename(wh_filename.strip())
wh_dirname = os.path.dirname(wh_filename)
if wh_basename == ".wh..wh..opq":
if not os.path.isdir(destdir + '/' + wh_dirname):
continue
for f_name in os.listdir(destdir + '/' + wh_dirname):
rm_filename = destdir + '/' \
+ wh_dirname + '/' + f_name
FileUtil(rm_filename).remove(recursive=True)
elif wh_basename.startswith(".wh."):
rm_filename = destdir + '/' \
+ wh_dirname + '/' \
+ wh_basename.replace(".wh.", "", 1)
FileUtil(rm_filename).remove(recursive=True)
return
def verify_tar(self):
"""Verify a tar file: tar tvf file.tar"""
if not os.path.isfile(self.filename):
return False
verbose = ''
if Msg.level >= Msg.VER:
verbose = 'v'
cmd = ["tar", "t" + verbose + "f", self.filename]
if Uprocess().call(cmd, stderr=Msg.chlderr, stdout=Msg.chlderr,
close_fds=True):
return False
return True
def copydir(self, destdir, sourcedir=None):
"""Copy directories"""
if sourcedir is None:
sourcedir = self.filename
verbose = ''
if Msg.level >= Msg.VER:
verbose = 'v'
cmd_tarc = ["tar", "-C", sourcedir, "-c" + verbose,
"--one-file-system", "-S", "--xattrs", "-f", "-", "."]
cmd_tarx = ["tar", "-C", destdir, "-x" + verbose, "-f", "-"]
status = Uprocess().pipe(cmd_tarc, cmd_tarx)
if not status:
Msg().err("Error: copying:", sourcedir, " to ", destdir, l=Msg.VER)
return status
def tar(self, tarfile, sourcedir=None):
"""Create a tar file for a given sourcedir"""
#cmd += r" --xform 's:^\./::' "
if sourcedir is None:
sourcedir = self.filename
verbose = ''
if Msg.level >= Msg.VER:
verbose = 'v'
cmd = ["tar", "-C", sourcedir, "-c" + verbose, "--one-file-system",
"-S", "--xattrs", "-f", tarfile, "."]
status = Uprocess().call(cmd, stderr=Msg.chlderr, close_fds=True)
if status:
Msg().err("Error: creating tar file:", tarfile)
return not status