diff options
author | Aditya Rajan <arajan@redhat.com> | 2021-12-07 15:08:52 +0530 |
---|---|---|
committer | Aditya Rajan <arajan@redhat.com> | 2021-12-07 15:42:12 +0530 |
commit | 7d0fd175f1bcb6bb2bb9ccb83426f35c001599b2 (patch) | |
tree | 894155d3477fafea07f84697bc8d69f661b7e8d3 | |
parent | 7d290b3f6245d2bc68e3cb689c5b3252561ae566 (diff) | |
download | podman-7d0fd175f1bcb6bb2bb9ccb83426f35c001599b2.tar.gz podman-7d0fd175f1bcb6bb2bb9ccb83426f35c001599b2.tar.bz2 podman-7d0fd175f1bcb6bb2bb9ccb83426f35c001599b2.zip |
volume: apply exact permission of target directory without adding extra 0111
While trying to match permissions of target directory podman adds
extra `0111` which should not be needed if target path does not have
execute permission.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
-rw-r--r-- | libpod/container_internal_linux.go | 2 | ||||
-rw-r--r-- | test/e2e/run_volume_test.go | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 956460c32..f3774a64f 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -2784,7 +2784,7 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error { return err } } - if err := os.Chmod(mountPoint, st.Mode()|0111); err != nil { + if err := os.Chmod(mountPoint, st.Mode()); err != nil { return err } stat := st.Sys().(*syscall.Stat_t) diff --git a/test/e2e/run_volume_test.go b/test/e2e/run_volume_test.go index 3d05e0f70..c2817c551 100644 --- a/test/e2e/run_volume_test.go +++ b/test/e2e/run_volume_test.go @@ -762,6 +762,18 @@ USER testuser`, fedoraMinimal) }) + It("podman run with named volume check if we honor permission of target dir", func() { + session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "stat", "-c", "%a %Y", "/var/tmp"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + perms := session.OutputToString() + + session = podmanTest.Podman([]string{"run", "--rm", "-v", "test:/var/tmp", ALPINE, "stat", "-c", "%a %Y", "/var/tmp"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(Equal(perms)) + }) + It("podman volume with uid and gid works", func() { volName := "testVol" volCreate := podmanTest.Podman([]string{"volume", "create", "--opt", "o=uid=1000", volName}) |