diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-01-10 23:40:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-01-10 23:40:26 +0100 |
| commit | 40a16ee4c36aa143d3b27da9189d16afce35740d (patch) | |
| tree | 6874393642a12513453905c8b66119c55a04165f | |
| parent | e1ffac6cc73eb36640cbaf6a1a28ba44749a96d9 (diff) | |
| parent | 7a11ed5a77a631ea055dd09fbaca3111e5530085 (diff) | |
| download | podman-40a16ee4c36aa143d3b27da9189d16afce35740d.tar.gz podman-40a16ee4c36aa143d3b27da9189d16afce35740d.tar.bz2 podman-40a16ee4c36aa143d3b27da9189d16afce35740d.zip | |
Merge pull request #4839 from giuseppe/fix-keep-id-big-ids
libpod: fix --userns=keep-id with big UIDs
| -rw-r--r-- | pkg/util/utils.go | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/pkg/util/utils.go b/pkg/util/utils.go index c9d09b8b5..9269f6115 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -335,6 +335,13 @@ func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []strin return nil, errors.New("cannot specify subuidmap or subgidmap with --userns=keep-id") } if rootless.IsRootless() { + min := func(a, b int) int { + if a < b { + return a + } + return b + } + uid := rootless.GetRootlessUID() gid := rootless.GetRootlessGID() @@ -352,13 +359,17 @@ func ParseIDMapping(mode namespaces.UsernsMode, UIDMapSlice, GIDMapSlice []strin options.UIDMap, options.GIDMap = nil, nil - options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: uid}) + options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(uid, maxUID)}) options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid, HostID: 0, Size: 1}) - options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid}) + if maxUID > uid { + options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid}) + } - options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: gid}) + options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(gid, maxGID)}) options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid, HostID: 0, Size: 1}) - options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid}) + if maxGID > gid { + options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid}) + } options.HostUIDMapping = false options.HostGIDMapping = false |