Podman run --passwd

added support for a new flag --passwd which, when false prohibits podman from creating entries in /etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint resolves #11805 Signed-off-by: cdoern <cdoern@redhat.com>
author: cdoern <cdoern@redhat.com> 2021-12-20 10:23:08 -0500
committer: cdoern <cdoern@redhat.com> 2021-12-21 17:19:41 -0500
commit: 20ce6e5c6031bd4180514ec412760a294f8a83a2 (patch)
tree: d725886615e4353e46cd30a73df188257ff7ade0 /libpod/container_config.go
parent: f45070ee0e63ea26e475e618ff32a498096fa561 (diff)
download: podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.gz
podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.bz2
podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/libpod/container_config.go b/libpod/container_config.go
index adc585fa1..db65063b5 100644
--- a/libpod/container_config.go
+++ b/libpod/container_config.go
@@ -163,6 +163,8 @@ type ContainerRootFSConfig struct {
 	// Volatile specifies whether the container storage can be optimized
 	// at the cost of not syncing all the dirty files in memory.
 	Volatile bool `json:"volatile,omitempty"`
+	// Passwd allows to user to override podman's passwd/group file setup
+	Passwd *bool `json:"passwd,omitempty"`
 }
 
 // ContainerSecurityConfig is an embedded sub-config providing security configuration
author	cdoern <cdoern@redhat.com>	2021-12-20 10:23:08 -0500
committer	cdoern <cdoern@redhat.com>	2021-12-21 17:19:41 -0500
commit	20ce6e5c6031bd4180514ec412760a294f8a83a2 (patch)
tree	d725886615e4353e46cd30a73df188257ff7ade0 /libpod/container_config.go
parent	f45070ee0e63ea26e475e618ff32a498096fa561 (diff)
download	podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.gz podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.tar.bz2 podman-20ce6e5c6031bd4180514ec412760a294f8a83a2.zip