Merge 42e212f6 (automated)

author: gVisor bot <gvisor-bot@google.com> 2019-06-26 21:32:52 +0000
committer: gVisor bot <gvisor-bot@google.com> 2019-06-26 21:32:52 +0000
commit: 49a4a4a0ee03d05ed824c17e74b9a9dff1d99b21 (patch)
tree: c3b1a7bb24d44925d3d5d1ed648474fb5472e4a2 /runsc
parent: a7c509fda54d62bd90fd7702bef9c1e46e746e3a (diff)
parent: 42e212f6b7d4f6dd70e9751562f1524231e39a0e (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go
index 67a286212..5c2220d83 100644
--- a/runsc/boot/fs.go
+++ b/runsc/boot/fs.go
@@ -85,6 +85,19 @@ func addOverlay(ctx context.Context, conf *Config, lower *fs.Inode, name string,
 	if err != nil {
 		return nil, fmt.Errorf("creating tmpfs overlay: %v", err)
 	}
+
+	// Replicate permissions and owner from lower to upper mount point.
+	attr, err := lower.UnstableAttr(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("reading attributes from lower mount point: %v", err)
+	}
+	if !upper.InodeOperations.SetPermissions(ctx, upper, attr.Perms) {
+		return nil, fmt.Errorf("error setting permission to upper mount point")
+	}
+	if err := upper.InodeOperations.SetOwner(ctx, upper, attr.Owner); err != nil {
+		return nil, fmt.Errorf("setting owner to upper mount point: %v", err)
+	}
+
 	return fs.NewOverlayRoot(ctx, upper, lower, upperFlags)
 }
author	gVisor bot <gvisor-bot@google.com>	2019-06-26 21:32:52 +0000
committer	gVisor bot <gvisor-bot@google.com>	2019-06-26 21:32:52 +0000
commit	49a4a4a0ee03d05ed824c17e74b9a9dff1d99b21 (patch)
tree	c3b1a7bb24d44925d3d5d1ed648474fb5472e4a2 /runsc
parent	a7c509fda54d62bd90fd7702bef9c1e46e746e3a (diff)
parent	42e212f6b7d4f6dd70e9751562f1524231e39a0e (diff)