Add options for adjusting volume credentials: uid/gid/mode

Author: ashald

README.md

@@ -2,4 +2,9 @@
 https://serverfault.com/questions/166748/performance-of-loopback-filesystems
 https://kernelnewbies.org/Linux_4.4#Faster_and_leaner_loop_device_with_Direct_I.2FO_and_Asynchronous_I.2FO_support
 
-https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc07c10a3603a5ab3ef01ba42b3d41f9ac63d1b6
+https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc07c10a3603a5ab3ef01ba42b3d41f9ac63d1b6
+
+```
+chown -1:-1
+
+```

driver/driver.go

@@ -3,9 +3,9 @@ package driver
 import (
 	"fmt"
 	"os"
+	"strconv"
 	"sync"
 	"time"
-	"strconv"
 
 	"github.com/ashald/docker-volume-loopback/manager"
 	"github.com/pkg/errors"
@@ -64,9 +64,9 @@ func (d Driver) Create(req *v.CreateRequest) error {
 		Str("opts-size", req.Options["size"]).
 		Logger()
 
-	size, present := req.Options["size"]
+	size, sizePresent := req.Options["size"]
 
-	if !present {
+	if !sizePresent {
 		logger.Debug().
 			Str("default", d.defaultSize).
 			Msg("no size opt found, using default")
@@ -80,12 +80,68 @@ func (d Driver) Create(req *v.CreateRequest) error {
 			size)
 	}
 
+	uid := -1
+	uidStr, uidPresent := req.Options["uid"]
+	if uidPresent && len(uidStr) > 0 {
+		uid, err = strconv.Atoi(uidStr)
+		if err != nil {
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot parse 'uid' option '%s' as an integer",
+				req.Name, uidStr)
+		}
+		if uid < 0 {
+			return errors.Errorf(
+				"Error creating volume '%s' - 'uid' option should be >= 0 but received '%s'",
+				req.Name, uid)
+		}
+
+		logger.Debug().
+			Int("uid", uid).
+			Msg("set volume root uid")
+	}
+
+	gid := -1
+	gidStr, gidPresent := req.Options["gid"]
+	if gidPresent && len(gidStr) > 0 {
+		gid, err = strconv.Atoi(gidStr)
+		if err != nil {
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot parse 'gid' option '%s' as an integer",
+				req.Name, gidStr)
+		}
+		if gid < 0 {
+			return errors.Errorf(
+				"Error creating volume '%s' - 'gid' option should be >= 0 but received '%s'",
+				req.Name, gid)
+		}
+
+		logger.Debug().
+			Int("gid", gid).
+			Msg("set volume root gid")
+	}
+
+	var mode uint32
+	modeStr, modePresent := req.Options["mode"]
+	if modePresent && len(modeStr) > 0 {
+		logger.Debug().
+			Str("mode", modeStr).
+			Msg("will parse as octal")
+
+		modeParsed, err := strconv.ParseUint(modeStr, 8, 32)
+		if err != nil || modeParsed <= 0 || modeParsed > 07777 {
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot parse mode '%s' as 4-position octal",
+				req.Name, modeStr)
+		}
+		mode = uint32(modeParsed)
+	}
+
 	d.Lock()
 	defer d.Unlock()
 
 	logger.Debug().Msg("starting creation")
 
-	err = d.manager.Create(req.Name, sizeInBytes)
+	err = d.manager.Create(req.Name, sizeInBytes, uid, gid, mode)
 	if err != nil {
 		return err
 	}
@@ -226,7 +282,7 @@ func (d Driver) Mount(req *v.MountRequest) (*v.MountResponse, error) {
 	logger.Debug().Msg("finished mounting volume")
 
 	resp := new(v.MountResponse)
-	resp.Mountpoint = *entrypoint
+	resp.Mountpoint = entrypoint
 	return resp, nil
 }
 

manager/manager.go

@@ -144,7 +144,7 @@ func (m Manager) Get(name string) (vol Volume, err error) {
 }
 
 
-func (m Manager) Create(name string, sizeInBytes int64) error {
+func (m Manager) Create(name string, sizeInBytes int64, uid, gid int, mode uint32) error {
 	err := validateName(name)
 	if err != nil {
 		return errors.Wrapf(err,
@@ -166,17 +166,20 @@ func (m Manager) Create(name string, sizeInBytes int64) error {
 
 	}
 
-	// create vessel
+	// create data file
 	dataFilePath := filepath.Join(m.dataDir, name)
 	dataFileInfo, err := os.Create(dataFilePath)
 	if err != nil {
+		_ = os.Remove(dataFilePath) // attempt to cleanup
+
 		return errors.Wrapf(err,
 			"Error creating volume '%s' - cannot create datafile '%s'",
 			name, dataFilePath)
 	}
 
 	err = dataFileInfo.Truncate(sizeInBytes)
 	if err != nil {
+		_ = os.Remove(dataFilePath) // attempt to cleanup
 		return errors.Wrapf(err,
 			"Error creating volume '%s' - cannot allocate '%s' bytes",
 			name, sizeInBytes)
@@ -186,30 +189,73 @@ func (m Manager) Create(name string, sizeInBytes int64) error {
 	mkfsCmd := exec.Command("mkfs.ext4", "-F", dataFilePath)
 	_, err = mkfsCmd.Output()
 	if err != nil {
+		_ = os.Remove(dataFilePath) // attempt to cleanup
 		return errors.Wrapf(err,
 			"Error creating volume '%s' - cannot format datafile as ext4 filesystem",
 			name, sizeInBytes)
 	}
 
+	// At this point we're done - last step is to adjust ownership if required.
+	if uid >= 0 || gid >= 0 {
+		lease := "driver"
+
+		mountPath, err := m.Mount(name, lease)
+		if err != nil {
+			_ = os.Remove(dataFilePath) // attempt to cleanup
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot mount volume to adjust its root owner/permissions",
+				name, sizeInBytes)
+		}
+
+		if mode > 0 {
+			err = os.Chmod(mountPath, os.FileMode(mode))
+			if err != nil {
+				_ = m.UnMount(name, lease)
+				_ = os.Remove(dataFilePath) // attempt to cleanup
+				return errors.Wrapf(err,
+					"Error creating volume '%s' - cannot adjust volume root permissions",
+					name, sizeInBytes)
+			}
+		}
+		err = os.Chown(mountPath, uid, gid)
+		if err != nil {
+			_ = m.UnMount(name, lease)
+			_ = os.Remove(dataFilePath) // attempt to cleanup
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot adjust volume root owner",
+				name, sizeInBytes)
+		}
+
+		err = m.UnMount(name, lease)
+		if err != nil {
+			_ = os.Remove(dataFilePath) // attempt to cleanup
+			return errors.Wrapf(err,
+				"Error creating volume '%s' - cannot unmount volume after adjusting its root owner/permissions",
+				name, sizeInBytes)
+		}
+	}
+
 	return nil
 }
 
-func (m Manager) Mount(name string, lease string) (*string, error) {
+func (m Manager) Mount(name string, lease string) (string, error) {
+	var failedResult string
+
 	err := validateName(name)
 	if err != nil {
-		return nil, errors.Wrapf(err,
+		return failedResult, errors.Wrapf(err,
 			"Error mounting volume '%s' - invalid volume name",
 			name)
 	}
 
 	vol, err := m.getVolume(name)
 	if err != nil {
-		return nil, errors.Wrapf(err, "Error mounting volume '%s' - cannot get its metadata", name)
+		return failedResult, errors.Wrapf(err, "Error mounting volume '%s' - cannot get its metadata", name)
 	}
 
 	isAlreadyMounted, err := vol.IsMounted() // checking mount status early before we record a lease
 	if err != nil {
-		return nil, errors.Wrapf(err, "Error mounting volume '%s' - cannot check its mount status", name)
+		return failedResult, errors.Wrapf(err, "Error mounting volume '%s' - cannot check its mount status", name)
 	}
 
 	_, err = os.Stat(vol.StateDir)
@@ -218,7 +264,7 @@ func (m Manager) Mount(name string, lease string) (*string, error) {
 		if os.IsNotExist(err) {
 			err = os.MkdirAll(vol.StateDir, 0755)
 			if err != nil {
-				return nil, errors.Wrapf(err,
+				return failedResult, errors.Wrapf(err,
 					"Error mounting volume '%s' - cannot create its state dir",
 					name)
 			}
@@ -229,34 +275,36 @@ func (m Manager) Mount(name string, lease string) (*string, error) {
 	_, err = os.Stat(leaseFile)
 	if err != nil {
 		if !os.IsNotExist(err) {
-			return nil, errors.Wrapf(err,
+			return failedResult, errors.Wrapf(err,
 				"Error mounting volume '%s' - cannot access lease file '%s'",
 				name, leaseFile)
 		}
 	}
 	_, err = os.Create(leaseFile)
 	if err != nil {
-		return nil, errors.Wrapf(err,
+		return failedResult, errors.Wrapf(err,
 			"Error mounting volume '%s' - cannot create lease file '%s'",
 			name, lease)
 	}
 
 	if !isAlreadyMounted {
 		err = os.Mkdir(vol.MountPointPath, 0777)
 		if err != nil {
-			return nil, errors.Wrapf(err,
+			_ = os.Remove(leaseFile) // attempt to cleanup
+			return failedResult, errors.Wrapf(err,
 				"Error mounting volume '%s' - cannot create mount point dir",
 				name)
 		}
 		mountCmd := exec.Command("mount", vol.DataFilePath, vol.MountPointPath)
 		_, err = mountCmd.Output()
 		if err != nil {
-			return nil, errors.Wrapf(err,
+			_ = os.Remove(leaseFile) // attempt to cleanup
+			return failedResult, errors.Wrapf(err,
 				"Error mounting volume '%s' - cannot mount vessel '%s' at '%s'",
 				name, vol.DataFilePath, vol.MountPointPath)
 		}
 	}
-	return &vol.MountPointPath, nil
+	return vol.MountPointPath, nil
 }
 
 func (m Manager) UnMount(name string, lease string) error {