podman, userNS: configure an intermediate mount namespace

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #690
Approved by: mheon

1 files changed, 12 insertions, 1 deletions

diff --git a/libpod/container.go b/libpod/container.go
index 5fa27af58..e35a620ed 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -115,11 +115,18 @@ type containerState struct {
 	ConfigPath string `json:"configPath,omitempty"`
 	// RunDir is a per-boot directory for container content
 	RunDir string `json:"runDir,omitempty"`
+	// DestinationRunDir is where the files in RunDir will be accessible for the container.
+	// It is different than RunDir when using userNS
+	DestinationRunDir string `json:"destinationRunDir,omitempty"`
 	// Mounted indicates whether the container's storage has been mounted
 	// for use
 	Mounted bool `json:"mounted,omitempty"`
-	// MountPoint contains the path to the container's mounted storage
+	// Mountpoint contains the path to the container's mounted storage as given
+	// by containers/storage.  It can be different than RealMountpoint when
+	// usernamespaces are used
 	Mountpoint string `json:"mountPoint,omitempty"`
+	// RealMountpoint contains the path to the container's mounted storage
+	RealMountpoint string `json:"realMountPoint,omitempty"`
 	// StartedTime is the time the container was started
 	StartedTime time.Time `json:"startedTime,omitempty"`
 	// FinishedTime is the time the container finished executing
@@ -152,6 +159,10 @@ type containerState struct {
 	// This maps the path the file will be mounted to in the container to
 	// the path of the file on disk outside the container
 	BindMounts map[string]string `json:"bindMounts,omitempty"`
+
+	// UserNSRoot is the directory used as root for the container when using
+	// user namespaces.
+	UserNSRoot string `json:"userNSRoot,omitempty"`
 }
 
 // ExecSession contains information on an active exec session