From: Filip Schauer <f.schauer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH proxmox 1/2] oci: fix rootfs extraction when paths already exist
Date: Mon, 1 Dec 2025 18:13:10 +0100 [thread overview]
Message-ID: <20251201171317.149449-2-f.schauer@proxmox.com> (raw)
In-Reply-To: <20251201171317.149449-1-f.schauer@proxmox.com>
Remove paths from previous layers that conflict with new layer entries
before unpacking. This aligns with the OCI spec. [0]
This fixes a rootfs extraction failure with docker.io/grafana/otel-lgtm,
which was reported in the Proxmox Forum [1].
[0] https://github.com/opencontainers/image-spec/blob/26647a49f642c7d22a1cd3aa0a48e4650a542269/layer.md#changeset-over-existing-files
[1] https://forum.proxmox.com/threads/otel-lgtm-oci-create-lxc-failed.176996/
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
proxmox-oci/src/lib.rs | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/proxmox-oci/src/lib.rs b/proxmox-oci/src/lib.rs
index cf0e4271..cce68207 100644
--- a/proxmox-oci/src/lib.rs
+++ b/proxmox-oci/src/lib.rs
@@ -302,6 +302,16 @@ fn extract_archive<R: Read, P: AsRef<Path>>(reader: &mut R, target_path: P) -> s
}
}
+ // If a file or directory already exists at this path, remove it first.
+ let file_path_abs = target_path.as_ref().join(file.path()?);
+ if file_path_abs.exists() {
+ if file_path_abs.is_dir() {
+ remove_dir_all(file_path_abs)?;
+ } else {
+ remove_file(file_path_abs)?;
+ }
+ }
+
file.unpack_in(&target_path)?;
}
@@ -309,6 +319,16 @@ fn extract_archive<R: Read, P: AsRef<Path>>(reader: &mut R, target_path: P) -> s
// to avoid failure on restrictive parent directory permissions.
directories.sort_by(|a, b| b.path_bytes().cmp(&a.path_bytes()));
for mut dir in directories {
+ let dir_path_abs = target_path.as_ref().join(dir.path()?);
+
+ // Remove the trailing slash
+ let dir_path_abs = dir_path_abs.components().as_path();
+
+ // If a file already exists at this path, remove it first.
+ if dir_path_abs.exists() && !dir_path_abs.is_dir() {
+ remove_file(dir_path_abs)?;
+ }
+
dir.unpack_in(&target_path)?;
}
--
2.47.3
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-12-01 17:13 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-01 17:13 [pve-devel] [PATCH proxmox 0/2] " Filip Schauer
2025-12-01 17:13 ` Filip Schauer [this message]
2025-12-01 17:13 ` [pve-devel] [PATCH proxmox 2/2] oci: test replacing files in subsequent layers Filip Schauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251201171317.149449-2-f.schauer@proxmox.com \
--to=f.schauer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox