[pve-devel] [PATCH proxmox 1/2] oci: fix rootfs extraction when paths already exist
Filip Schauer
f.schauer at proxmox.com
Mon Dec 1 18:13:10 CET 2025
Remove paths from previous layers that conflict with new layer entries
before unpacking. This aligns with the OCI spec. [0]
This fixes a rootfs extraction failure with docker.io/grafana/otel-lgtm,
which was reported in the Proxmox Forum [1].
[0] https://github.com/opencontainers/image-spec/blob/26647a49f642c7d22a1cd3aa0a48e4650a542269/layer.md#changeset-over-existing-files
[1] https://forum.proxmox.com/threads/otel-lgtm-oci-create-lxc-failed.176996/
Signed-off-by: Filip Schauer <f.schauer at proxmox.com>
---
proxmox-oci/src/lib.rs | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/proxmox-oci/src/lib.rs b/proxmox-oci/src/lib.rs
index cf0e4271..cce68207 100644
--- a/proxmox-oci/src/lib.rs
+++ b/proxmox-oci/src/lib.rs
@@ -302,6 +302,16 @@ fn extract_archive<R: Read, P: AsRef<Path>>(reader: &mut R, target_path: P) -> s
}
}
+ // If a file or directory already exists at this path, remove it first.
+ let file_path_abs = target_path.as_ref().join(file.path()?);
+ if file_path_abs.exists() {
+ if file_path_abs.is_dir() {
+ remove_dir_all(file_path_abs)?;
+ } else {
+ remove_file(file_path_abs)?;
+ }
+ }
+
file.unpack_in(&target_path)?;
}
@@ -309,6 +319,16 @@ fn extract_archive<R: Read, P: AsRef<Path>>(reader: &mut R, target_path: P) -> s
// to avoid failure on restrictive parent directory permissions.
directories.sort_by(|a, b| b.path_bytes().cmp(&a.path_bytes()));
for mut dir in directories {
+ let dir_path_abs = target_path.as_ref().join(dir.path()?);
+
+ // Remove the trailing slash
+ let dir_path_abs = dir_path_abs.components().as_path();
+
+ // If a file already exists at this path, remove it first.
+ if dir_path_abs.exists() && !dir_path_abs.is_dir() {
+ remove_file(dir_path_abs)?;
+ }
+
dir.unpack_in(&target_path)?;
}
--
2.47.3
More information about the pve-devel
mailing list