[virt-tools-list] [virt-bootstrap] [PATCH v7 02/26] Improve untar command

Radostin Stoyanov rstoyanov1 at gmail.com
Sat Aug 26 20:41:51 UTC 2017


Add "--overwrite" to enforce the overwrite of existing files.

Add the flag "--absolute-names" to disable the strip of leading '/'s
This is used to get around the error "Cannot open:Permission denied"
which occurs when the qemu driver is used by virt-sandbox. It is used
for unprivileged users to create isolated environment in which tar is
executed to extract the content from container image layers.

In particular this error occurs when the tar archive contains symbolic
link which has target path starting with '/'.

Steps to reproduce:
    $ mkdir /tmp/foo
    $ cd /tmp/foo
    $ touch file
    $ ln -s /tmp/foo/file link
    $ tar -cf archive.tar link
    $ mkdir /tmp/foo/dest
    $ virt-sandbox -c qemu:///session \
                   -m host-bind:/mnt=/tmp/foo/dest \
                   -- /bin/tar xf /tmp/foo/archive.tar -C /mnt

Error message:
    tar: link: Cannot open: Permission denied
    tar: Exiting with failure status due to previous errors
---
 src/virtBootstrap/utils.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/virtBootstrap/utils.py b/src/virtBootstrap/utils.py
index 63ef57a..66cd301 100644
--- a/src/virtBootstrap/utils.py
+++ b/src/virtBootstrap/utils.py
@@ -106,7 +106,11 @@ def safe_untar(src, dest):
 
     # Compression type is auto detected from tar
     # Exclude files under /dev to avoid "Cannot mknod: Operation not permitted"
-    params = ['--', '/bin/tar', 'xf', src, '-C', '/mnt', '--exclude', 'dev/*']
+    # Note: Here we use --absolute-names flag to get around the error message
+    # "Cannot open: Permission denied" when symlynks are extracted, with the
+    # qemu:/// driver. This flag must not be used outside virt-sandbox.
+    params = ['--', '/bin/tar', 'xf', src, '-C', '/mnt', '--exclude', 'dev/*',
+              '--overwrite', '--absolute-names']
     execute(virt_sandbox + params)
 
 
-- 
2.13.5




More information about the virt-tools-list mailing list