aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2018-06-01 13:24:17 +0200
committerAtomic Bot <atomic-devel@projectatomic.io>2018-06-15 14:53:18 +0000
commit5e699e28a7cadc959b3e306d4d53f415c5ff605f (patch)
tree53beafa9624d4b8cc90ab2a1221be988c72d71cc
parentc976d49805aa909ca3ec2de318852b5c5d378656 (diff)
downloadpodman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.tar.gz
podman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.tar.bz2
podman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.zip
podman: do not use Chown in rootless mode
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #871 Approved by: mheon
-rw-r--r--libpod/container_internal.go14
1 files changed, 9 insertions, 5 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 820f2209f..b6198f3c4 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -231,7 +231,7 @@ func (c *Container) setupStorage(ctx context.Context) error {
return errors.Wrapf(err, "error creating container storage")
}
- if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 {
+ if os.Getuid() == 0 && (len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0) {
info, err := os.Stat(c.runtime.config.TmpDir)
if err != nil {
return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.TmpDir)
@@ -935,8 +935,10 @@ func (c *Container) postDeleteHooks(ctx context.Context) (err error) {
// Make standard bind mounts to include in the container
func (c *Container) makeBindMounts() error {
- if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil {
- return errors.Wrapf(err, "error chown %s", c.state.RunDir)
+ if os.Getuid() == 0 {
+ if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil {
+ return errors.Wrapf(err, "cannot chown run directory %s", c.state.RunDir)
+ }
}
if c.state.BindMounts == nil {
@@ -1013,8 +1015,10 @@ func (c *Container) writeStringToRundir(destFile, output string) (string, error)
return "", errors.Wrapf(err, "unable to create %s", destFileName)
}
defer f.Close()
- if err := f.Chown(c.RootUID(), c.RootGID()); err != nil {
- return "", err
+ if os.Getuid() == 0 {
+ if err := f.Chown(c.RootUID(), c.RootGID()); err != nil {
+ return "", err
+ }
}
if _, err := f.WriteString(output); err != nil {