docker/buildx
1
0
Fork 0
mirror of https://gitea.com/Lydanne/buildx.git synced 2025-05-18 00:47:48 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity
buildx/vendor/github.com/tonistiigi/fsutil/copy/mkdir_windows.go
CrazyMax f89f861999
config: fix file/folder ownership 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2024-10-23 18:23:14 +02:00

104 lines
2.5 KiB
Go
Raw Blame History

//go:build windows
// +build windows
package fs
import (
"fmt"
"os"
"syscall"
"time"
"github.com/Microsoft/go-winio"
"github.com/pkg/errors"
"golang.org/x/sys/windows"
)
const (
containerAdministratorSidString = "S-1-5-93-2-1"
)
func fixRootDirectory(p string) string {
if len(p) == len(`\\?\c:`) {
if os.IsPathSeparator(p[0]) && os.IsPathSeparator(p[1]) && p[2] == '?' && os.IsPathSeparator(p[3]) && p[5] == ':' {
return p + `\`
}
}
return p
}
func Utimes(p string, tm *time.Time) error {
info, err := os.Lstat(p)
if err != nil {
return errors.Wrap(err, "fetching file info")
}
if tm != nil && info.Mode()&os.ModeSymlink == 0 {
if err := os.Chtimes(p, *tm, *tm); err != nil {
return errors.Wrap(err, "changing times")
}
}
return nil
}
func Chown(p string, old *User, fn Chowner) error {
if fn == nil {
return nil
}
user, err := fn(old)
if err != nil {
return errors.WithStack(err)
}
var userSIDstring string
if user != nil && user.SID != "" {
userSIDstring = user.SID
}
if userSIDstring == "" {
userSIDstring = containerAdministratorSidString
}
sidPtr, err := syscall.UTF16PtrFromString(userSIDstring)
if err != nil {
return errors.Wrap(err, "converting to utf16 ptr")
}
var userSID *windows.SID
if err := windows.ConvertStringSidToSid(sidPtr, &userSID); err != nil {
return errors.Wrap(err, "converting to windows SID")
}
var dacl *windows.ACL
newEntries := []windows.EXPLICIT_ACCESS{
{
AccessPermissions: windows.GENERIC_ALL,
AccessMode: windows.GRANT_ACCESS,
Inheritance: windows.SUB_CONTAINERS_AND_OBJECTS_INHERIT,
Trustee: windows.TRUSTEE{
TrusteeForm: windows.TRUSTEE_IS_SID,
TrusteeValue: windows.TrusteeValueFromSID(userSID),
},
},
}
newAcl, err := windows.ACLFromEntries(newEntries, dacl)
if err != nil {
return fmt.Errorf("adding acls: %w", err)
}
// Copy file ownership and ACL
// We need SeRestorePrivilege and SeTakeOwnershipPrivilege in order
// to restore security info on a file, especially if we're trying to
// apply security info which includes SIDs not necessarily present on
// the host.
privileges := []string{winio.SeRestorePrivilege, seTakeOwnershipPrivilege}
err = winio.RunWithPrivileges(privileges, func() error {
if err := windows.SetNamedSecurityInfo(
p, windows.SE_FILE_OBJECT,
windows.OWNER_SECURITY_INFORMATION|windows.DACL_SECURITY_INFORMATION,
userSID, nil, newAcl, nil); err != nil {
return err
}
return nil
})
return err
}
Reference in New Issue View Git Blame Copy Permalink