disk: move mount point checking to central location

Instead of all distribution implementing their own mount point checking code, we de-duplicate it and move it to `disk`.
2022-08-06 21:22:52 +02:00 · 2022-08-06 21:22:52 +02:00 · 2b03a839f0
commit 2b03a839f0
parent 13e287733a
6 changed files with 50 additions and 57 deletions
--- a/internal/disk/disk.go
+++ b/internal/disk/disk.go
@ -18,10 +18,14 @@ package disk

 import (
 	"encoding/hex"
+	"fmt"
 	"io"
 	"math/rand"
+	"path"
+	"strings"

 	"github.com/google/uuid"
+	"github.com/osbuild/osbuild-composer/internal/blueprint"
 )

 const (
@ -164,3 +168,37 @@ func NewVolIDFromRand(r *rand.Rand) string {
 	}
 	return hex.EncodeToString(volid)
 }
+
+func IsMountpointAllowed(mountpoint string, allowlist []string) bool {
+	for _, allowed := range allowlist {
+		match, _ := path.Match(allowed, mountpoint)
+		if match {
+			return true
+		}
+		// ensure that only clean mountpoints
+		// are valid
+		if strings.Contains(mountpoint, "//") {
+			return false
+		}
+		match = strings.HasPrefix(mountpoint, allowed+"/")
+		if allowed != "/" && match {
+			return true
+		}
+	}
+	return false
+}
+
+func CheckMountpoints(mountpoints []blueprint.FilesystemCustomization, mountpointAllowList []string) error {
+	invalidMountpoints := []string{}
+	for _, m := range mountpoints {
+		if !IsMountpointAllowed(m.Mountpoint, mountpointAllowList) {
+			invalidMountpoints = append(invalidMountpoints, m.Mountpoint)
+		}
+	}
+
+	if len(invalidMountpoints) > 0 {
+		return fmt.Errorf("The following custom mountpoints are not supported %+q", invalidMountpoints)
+	}
+
+	return nil
+}