diff --git a/generate/generate.go b/generate/generate.go index 84762c3c..bc92df66 100644 --- a/generate/generate.go +++ b/generate/generate.go @@ -1089,11 +1089,7 @@ func (g *Generator) DropProcessCapability(c string) error { } } - if err := validate.CapValid(cp, false); err != nil { - return err - } - - return nil + return validate.CapValid(cp, false) } func mapStrToNamespace(ns string, path string) (rspec.LinuxNamespace, error) { diff --git a/validate/validate.go b/validate/validate.go index 9a4c0fea..11032ac3 100644 --- a/validate/validate.go +++ b/validate/validate.go @@ -178,6 +178,23 @@ func (v *Validator) CheckRoot() (errs error) { return } + if v.platform == "windows" { + matched, err := regexp.MatchString(`\\\\[?]\\Volume[{][a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}[}]\\`, v.spec.Root.Path) + if err != nil { + errs = multierror.Append(errs, err) + } else if !matched { + errs = multierror.Append(errs, + specerror.NewError(specerror.PathFormatOnWindows, fmt.Errorf("root.path is %q, but it MUST be a volume GUID path when target platform is windows", v.spec.Root.Path), rspec.Version)) + } + + if v.spec.Root.Readonly { + errs = multierror.Append(errs, + specerror.NewError(specerror.ReadonlyOnWindows, fmt.Errorf("root.readonly field MUST be omitted or false when target platform is windows"), rspec.Version)) + } + + return + } + absBundlePath, err := filepath.Abs(v.bundlePath) if err != nil { errs = multierror.Append(errs, fmt.Errorf("unable to convert %q to an absolute path", v.bundlePath)) @@ -218,13 +235,6 @@ func (v *Validator) CheckRoot() (errs error) { specerror.NewError(specerror.ArtifactsInSingleDir, fmt.Errorf("root.path is %q, but it MUST be a child of %q", v.spec.Root.Path, absBundlePath), rspec.Version)) } - if v.platform == "windows" { - if v.spec.Root.Readonly { - errs = multierror.Append(errs, - specerror.NewError(specerror.ReadonlyOnWindows, fmt.Errorf("root.readonly field MUST be omitted or false when target platform is windows"), rspec.Version)) - } - } - return } diff --git a/validate/validate_test.go b/validate/validate_test.go index 9c3e3ea2..e7e3f605 100644 --- a/validate/validate_test.go +++ b/validate/validate_test.go @@ -114,6 +114,8 @@ func TestCheckRoot(t *testing.T) { }{ {rspec.Spec{Windows: &rspec.Windows{HyperV: &rspec.WindowsHyperV{}}, Root: &rspec.Root{}}, "windows", specerror.RootOnHyperV}, {rspec.Spec{Windows: &rspec.Windows{HyperV: &rspec.WindowsHyperV{}}, Root: nil}, "windows", specerror.NonError}, + {rspec.Spec{Windows: &rspec.Windows{}, Root: &rspec.Root{Path: filepath.Join(tmpBundle, "rootfs")}}, "windows", specerror.PathFormatOnWindows}, + {rspec.Spec{Windows: &rspec.Windows{}, Root: &rspec.Root{Path: "\\\\?\\Volume{ec84d99e-3f02-11e7-ac6c-00155d7682cf}\\"}}, "windows", specerror.NonError}, {rspec.Spec{Root: nil}, "linux", specerror.RootOnNonHyperV}, {rspec.Spec{Root: &rspec.Root{Path: "maverick-rootfs"}}, "linux", specerror.PathName}, {rspec.Spec{Root: &rspec.Root{Path: "rootfs"}}, "linux", specerror.NonError},