diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2020-06-24 09:21:41 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-24 09:21:41 -0400 |
| commit | 3df30ef358e3211d4d6812ab08e9ceb1e31a771a (patch) | |
| tree | 0dee6fb99d89cd17fb9c159f0a87e55147e64610 | |
| parent | 0d26b8f24babcd847a7412907e622514925544a4 (diff) | |
| parent | 370195cf784967014dceee1f3da06f79170f033a (diff) | |
| download | podman-3df30ef358e3211d4d6812ab08e9ceb1e31a771a.tar.gz podman-3df30ef358e3211d4d6812ab08e9ceb1e31a771a.tar.bz2 podman-3df30ef358e3211d4d6812ab08e9ceb1e31a771a.zip | |
Merge pull request #6743 from giuseppe/specify-mappings-to-storage
libpod: specify mappings to the storage
| -rw-r--r-- | libpod/container_internal.go | 20 | ||||
| -rw-r--r-- | test/e2e/run_userns_test.go | 7 |
2 files changed, 27 insertions, 0 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 73e0b2118..db64f5eeb 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -22,6 +22,7 @@ import ( "github.com/containers/libpod/pkg/selinux" "github.com/containers/storage" "github.com/containers/storage/pkg/archive" + "github.com/containers/storage/pkg/idtools" "github.com/containers/storage/pkg/mount" securejoin "github.com/cyphar/filepath-securejoin" spec "github.com/opencontainers/runtime-spec/specs-go" @@ -360,6 +361,25 @@ func (c *Container) setupStorageMapping(dest, from *storage.IDMappingOptions) { } dest.AutoUserNsOpts.InitialSize = initialSize + 1 } + } else if c.config.Spec.Linux != nil { + dest.UIDMap = nil + for _, r := range c.config.Spec.Linux.UIDMappings { + u := idtools.IDMap{ + ContainerID: int(r.ContainerID), + HostID: int(r.HostID), + Size: int(r.Size), + } + dest.UIDMap = append(dest.UIDMap, u) + } + dest.GIDMap = nil + for _, r := range c.config.Spec.Linux.GIDMappings { + g := idtools.IDMap{ + ContainerID: int(r.ContainerID), + HostID: int(r.HostID), + Size: int(r.Size), + } + dest.GIDMap = append(dest.GIDMap, g) + } } } diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go index 5b9a99daa..be0981408 100644 --- a/test/e2e/run_userns_test.go +++ b/test/e2e/run_userns_test.go @@ -89,6 +89,13 @@ var _ = Describe("Podman UserNS support", func() { Expect(ok).To(BeTrue()) }) + It("podman --userns=keep-id root owns /usr", func() { + session := podmanTest.Podman([]string{"run", "--userns=keep-id", "alpine", "stat", "-c%u", "/usr"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal("0")) + }) + It("podman --userns=keep-id --user root:root", func() { session := podmanTest.Podman([]string{"run", "--userns=keep-id", "--user", "root:root", "alpine", "id", "-u"}) session.WaitWithDefaultTimeout() |