academy/mq-container
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Handle /var/mqm/ permissions in upgrade to ubi (#316)

Browse Source 
* handle /var/mqm/ permissions in upgrade to ubi
This commit is contained in:
LPowlett
2019-05-29 11:40:19 +01:00
committed by GitHub
parent 44d75b169c
commit 700cc53c07
3 changed files with 70 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -7,7 +7,9 @@
* MQSC files supplied will be verified before being run. Files containing invalid MQSC will cause the container to fail to start * MQSC files supplied will be verified before being run. Files containing invalid MQSC will cause the container to fail to start
Other changes: Other changes:
* Security Fixes * Security fixes
* Web console added to production image
* Container built on RedHat host
## 9.1.2.0 (2019-03-21) ## 9.1.2.0 (2019-03-21)

24
cmd/runmqserver/main.go
View File

@@ -109,12 +109,36 @@ func doMain() error {
logTermination(err) logTermination(err)
return err return err
} }
err = createDirStructure() err = createDirStructure()
if err != nil { if err != nil {
logTermination(err) logTermination(err)
return err return err
} }
// handle /var/mqm/ permissions in upgrade to UBI
if *initFlag {
varMqmDirs := []string{
"/var/mqm/config",
"/var/mqm/conv",
"/var/mqm/errors",
"/var/mqm/exits",
"/var/mqm/exits64",
"/var/mqm/log",
"/var/mqm/mqft",
"/var/mqm/qmgrs",
"/var/mqm/shared",
"/var/mqm/sockets",
"/var/mqm/trace",
"/var/mqm/web",
}
err = configureOwnership(varMqmDirs)
if err != nil {
logTermination(err)
return err
}
}
// If init flag is set, exit now // If init flag is set, exit now
if *initFlag { if *initFlag {
return nil return nil

43
cmd/runmqserver/qmgr.go
View File

@@ -24,6 +24,8 @@ import (
"path/filepath" "path/filepath"
"strings" "strings"
"golang.org/x/sys/unix"
"github.com/ibm-messaging/mq-container/internal/command" "github.com/ibm-messaging/mq-container/internal/command"
containerruntime "github.com/ibm-messaging/mq-container/internal/containerruntime" containerruntime "github.com/ibm-messaging/mq-container/internal/containerruntime"
"github.com/ibm-messaging/mq-container/internal/mqscredact" "github.com/ibm-messaging/mq-container/internal/mqscredact"
@@ -41,6 +43,47 @@ func createDirStructure() error {
return nil return nil
} }
// configureOwnership recursively handles ownership of files within the given filepath
func configureOwnership(paths []string) error {
uid, gid, err := command.LookupMQM()
if err != nil {
return err
}
var fileInfo *unix.Stat_t
fileInfo = new(unix.Stat_t)
for _, root := range paths {
_, err = os.Stat(root)
if err != nil {
if os.IsNotExist(err) {
continue
}
return err
}
err = filepath.Walk(root, func(from string, info os.FileInfo, err error) error {
if err != nil {
return err
}
to := fmt.Sprintf("%v%v", root, from[len(root):])
err = unix.Stat(to, fileInfo)
if err != nil {
return err
}
fileUID := fmt.Sprint(fileInfo.Uid)
if strings.Compare(fileUID, "999") == 0 {
err = os.Chown(to, uid, gid)
if err != nil {
return err
}
}
return nil
})
if err != nil {
return err
}
}
return nil
}
// createQueueManager creates a queue manager, if it doesn't already exist. // createQueueManager creates a queue manager, if it doesn't already exist.
// It returns true if one was created (or a standby was created), or false if one already existed // It returns true if one was created (or a standby was created), or false if one already existed
func createQueueManager(name string) (bool, error) { func createQueueManager(name string) (bool, error) {