directories.go
package setup
import (
"errors"
"fmt"
"io/fs"
"os"
"syscall"
"github.com/canonical/k8s/pkg/log"
"github.com/canonical/k8s/pkg/snap"
)
// EnsureAllDirectories prepares the CNI binary directory and then creates every
// configuration and state directory reported by the snap.
//
// Paths that the snap reports as empty are skipped. The first failure aborts
// the run and is returned; directories created before it are left in place.
//
// NOTE(review): os.MkdirAll applies the 0o700 mode only to directories it
// creates (subject to the process umask) and leaves the mode of a directory
// that already exists untouched. Going by the accessor names, some of these
// paths (the PKI directories in particular) presumably hold key material, so
// a pre-existing directory with looser permissions is not tightened here.
// Confirm whether that is enforced elsewhere.
func EnsureAllDirectories(snap snap.Snap) error {
	if err := ensureCniBinDir(snap.CNIBinDir()); err != nil {
		return err
	}

	required := []string{
		snap.CNIConfDir(),
		snap.ContainerdConfigDir(),
		snap.ContainerdExtraConfigDir(),
		snap.ContainerdRegistryConfigDir(),
		snap.K8sDqliteStateDir(),
		snap.KubernetesConfigDir(),
		snap.KubernetesPKIDir(),
		snap.EtcdPKIDir(),
		snap.LockFilesDir(),
		snap.ServiceArgumentsDir(),
		snap.ServiceExtraConfigDir(),
	}

	for _, path := range required {
		if path != "" {
			// Owner-only access for anything created here.
			if mkErr := os.MkdirAll(path, 0o700); mkErr != nil {
				return fmt.Errorf("failed to create required directory: %w", mkErr)
			}
		}
	}
	return nil
}
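// ensureCniBinDir ensures that cniBinDir is a directory with the ownership and
// permissions needed for it to be used as the CNI binary directory.
//
// An empty path is skipped. A missing path is created (with parents) using
// mode 0o700. The path must then be a directory; it is chowned to uid 0 / gid 0
// when owned by anyone else, and the owner read/write/execute bits are added
// when any of them is missing.
//
// Background:
// https://github.com/canonical/k8s-snap/issues/567
// https://github.com/cilium/cilium/issues/23838
//
// NOTE(review): only the owner bits are raised; group/other bits already set
// on an existing directory are left as found. The binaries placed here are
// presumably executed with elevated privileges, so a group- or world-writable
// directory would deserve its own check. Confirm the intended policy.
func ensureCniBinDir(cniBinDir string) error {
	l := log.L().WithValues("cniBinDir", cniBinDir)
	if cniBinDir == "" {
		l.V(1).Info("Skipping creation of cni bin directory since it was not set")
		return nil
	}

	var stat syscall.Stat_t
	if err := syscall.Stat(cniBinDir, &stat); err != nil {
		// Any failure other than "does not exist" is reported as-is rather
		// than being papered over by creating the directory.
		if !errors.Is(err, fs.ErrNotExist) {
			return fmt.Errorf("failed to syscall.Stat(%q): %w", cniBinDir, err)
		}

		l.Info("Creating cni bin directory")
		if err := os.MkdirAll(cniBinDir, 0o700); err != nil {
			return fmt.Errorf("failed to os.MkdirAll(%s): %w", cniBinDir, err)
		}

		// Re-read the metadata so the ownership/permission checks below see
		// the directory as it was actually created.
		if err := syscall.Stat(cniBinDir, &stat); err != nil {
			return fmt.Errorf("failed to syscall.Stat(%q) newly-created cni bin dir: %w", cniBinDir, err)
		}
	}

	// syscall.Stat follows symlinks, so a symlink to a directory passes.
	// Anything else is refused before its ownership or mode is changed.
	if stat.Mode&syscall.S_IFMT != syscall.S_IFDIR {
		return fmt.Errorf("cni bin path %q exists but is not a directory", cniBinDir)
	}

	// The stat, chown and chmod are separate path-based calls, so the result
	// is only as trustworthy as the write permissions on the parent directories.
	if stat.Uid != 0 || stat.Gid != 0 {
		l.Info("Ensuring ownership of cni bin directory")
		if err := os.Chown(cniBinDir, 0, 0); err != nil {
			return fmt.Errorf("failed to os.Chown(%q, 0, 0): %w", cniBinDir, err)
		}
	}

	if (stat.Mode & 0o700) != 0o700 {
		l.Info("Ensuring permissions of cni bin directory")
		// os.Chmod only applies the permission bits of a value built from a
		// raw st_mode: the file-type bits are ignored and setuid/setgid/sticky
		// use a different encoding in os.FileMode, so they are not carried
		// over. Masking here makes that explicit and keeps the mode in the
		// error message readable.
		mode := os.FileMode(stat.Mode&0o777) | 0o700
		if err := os.Chmod(cniBinDir, mode); err != nil {
			return fmt.Errorf("failed to os.Chmod(%q, %o): %w", cniBinDir, mode, err)
		}
	}

	return nil
}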