summaryrefslogtreecommitdiff
path: root/cmd/podman/system
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2020-05-08 15:59:28 -0400
committerGitHub <noreply@github.com>2020-05-08 15:59:28 -0400
commit5c7ac1ba7812a99e59251cf49f7fb2a9c2429e11 (patch)
treefc02557c9f4de15b3489da0155d826cbe2cfd8a4 /cmd/podman/system
parent7f8b31f5fb59d8b66a26dcd822863fbc18687905 (diff)
parent1074a02ff85bb9f1d0db3e4468b067a6516b1521 (diff)
downloadpodman-5c7ac1ba7812a99e59251cf49f7fb2a9c2429e11.tar.gz
podman-5c7ac1ba7812a99e59251cf49f7fb2a9c2429e11.tar.bz2
podman-5c7ac1ba7812a99e59251cf49f7fb2a9c2429e11.zip
Merge pull request #6146 from baude/v2unshare
v2 podman unshare command
Diffstat (limited to 'cmd/podman/system')
-rw-r--r--cmd/podman/system/unshare.go50
1 files changed, 50 insertions, 0 deletions
diff --git a/cmd/podman/system/unshare.go b/cmd/podman/system/unshare.go
new file mode 100644
index 000000000..7db5d36d2
--- /dev/null
+++ b/cmd/podman/system/unshare.go
@@ -0,0 +1,50 @@
+package system
+
+import (
+ "os"
+
+ "github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/containers/libpod/pkg/rootless"
+ "github.com/pkg/errors"
+ "github.com/spf13/cobra"
+)
+
+var (
+ unshareDescription = "Runs a command in a modified user namespace."
+ unshareCommand = &cobra.Command{
+ Use: "unshare [flags] [COMMAND [ARG]]",
+ Short: "Run a command in a modified user namespace",
+ Long: unshareDescription,
+ RunE: unshare,
+ Example: `podman unshare id
+ podman unshare cat /proc/self/uid_map,
+ podman unshare podman-script.sh`,
+ }
+)
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode},
+ Command: unshareCommand,
+ })
+ flags := unshareCommand.Flags()
+ flags.SetInterspersed(false)
+}
+
+func unshare(cmd *cobra.Command, args []string) error {
+ if isRootless := rootless.IsRootless(); !isRootless {
+ return errors.Errorf("please use unshare with rootless")
+ }
+ // exec the specified command, if there is one
+ if len(args) < 1 {
+ // try to exec the shell, if one's set
+ shell, shellSet := os.LookupEnv("SHELL")
+ if !shellSet {
+ return errors.Errorf("no command specified and no $SHELL specified")
+ }
+ args = []string{shell}
+ }
+
+ return registry.ContainerEngine().Unshare(registry.Context(), args)
+}