github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #10516 from etungsten/ensure-state-dir-perms

Browse Source 
Ensure /run/containerd gets created with correct perms
This commit is contained in:
Phil Estes 2024-07-31 14:22:04 +00:00 committed by GitHub
commit 7a804489fd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/containerd/server/server.go
View File

@ -88,6 +88,15 @@ func CreateTopLevelDirectories(config *srvconfig.Config) error {
if err := sys.MkdirAllWithACL(config.State, 0o711); err != nil {
return err
}
if config.State != defaults.DefaultStateDir {
// XXX: socketRoot in pkg/shim is hard-coded to the default state directory.
// See https://github.com/containerd/containerd/issues/10502#issuecomment-2249268582 for why it's set up that way.
// The default fifo directory in pkg/cio is also configured separately and defaults to the default state directory instead of the configured state directory.
// Make sure the default state directory is created with the correct permissions.
if err := sys.MkdirAllWithACL(defaults.DefaultStateDir, 0o711); err != nil {
return err
}
}
if config.TempDir != "" {
if err := sys.MkdirAllWithACL(config.TempDir, 0o711); err != nil {