diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-06-01 13:24:17 +0200 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-15 14:53:18 +0000 |
commit | 5e699e28a7cadc959b3e306d4d53f415c5ff605f (patch) | |
tree | 53beafa9624d4b8cc90ab2a1221be988c72d71cc /libpod/container_internal.go | |
parent | c976d49805aa909ca3ec2de318852b5c5d378656 (diff) | |
download | podman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.tar.gz podman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.tar.bz2 podman-5e699e28a7cadc959b3e306d4d53f415c5ff605f.zip |
podman: do not use Chown in rootless mode
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #871
Approved by: mheon
Diffstat (limited to 'libpod/container_internal.go')
-rw-r--r-- | libpod/container_internal.go | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 820f2209f..b6198f3c4 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -231,7 +231,7 @@ func (c *Container) setupStorage(ctx context.Context) error { return errors.Wrapf(err, "error creating container storage") } - if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 { + if os.Getuid() == 0 && (len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0) { info, err := os.Stat(c.runtime.config.TmpDir) if err != nil { return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.TmpDir) @@ -935,8 +935,10 @@ func (c *Container) postDeleteHooks(ctx context.Context) (err error) { // Make standard bind mounts to include in the container func (c *Container) makeBindMounts() error { - if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil { - return errors.Wrapf(err, "error chown %s", c.state.RunDir) + if os.Getuid() == 0 { + if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil { + return errors.Wrapf(err, "cannot chown run directory %s", c.state.RunDir) + } } if c.state.BindMounts == nil { @@ -1013,8 +1015,10 @@ func (c *Container) writeStringToRundir(destFile, output string) (string, error) return "", errors.Wrapf(err, "unable to create %s", destFileName) } defer f.Close() - if err := f.Chown(c.RootUID(), c.RootGID()); err != nil { - return "", err + if os.Getuid() == 0 { + if err := f.Chown(c.RootUID(), c.RootGID()); err != nil { + return "", err + } } if _, err := f.WriteString(output); err != nil { |