summaryrefslogtreecommitdiff
path: root/libpod/container_internal_linux.go
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2020-02-28 20:18:13 +0100
committerGitHub <noreply@github.com>2020-02-28 20:18:13 +0100
commit742093c2f27d79a76dbc45335e6f9458decff567 (patch)
tree5f630daa82eae63f999b692a79cda8affdf18d7e /libpod/container_internal_linux.go
parent05550ed848d2cbb6417af286dcee6667c0d1adee (diff)
parentb41c864d569357a102ee2335a4947e59e5e2b08a (diff)
downloadpodman-742093c2f27d79a76dbc45335e6f9458decff567.tar.gz
podman-742093c2f27d79a76dbc45335e6f9458decff567.tar.bz2
podman-742093c2f27d79a76dbc45335e6f9458decff567.zip
Merge pull request #5349 from mheon/ensure_exec_suppgroups
Ensure that exec sessions inherit supplemental groups
Diffstat (limited to 'libpod/container_internal_linux.go')
-rw-r--r--libpod/container_internal_linux.go5
1 files changed, 4 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 739026264..63968918c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -330,7 +330,10 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
// Add addition groups if c.config.GroupAdd is not empty
if len(c.config.Groups) > 0 {
- gids, _ := lookup.GetContainerGroups(c.config.Groups, c.state.Mountpoint, nil)
+ gids, err := lookup.GetContainerGroups(c.config.Groups, c.state.Mountpoint, overrides)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error looking up supplemental groups for container %s", c.ID())
+ }
for _, gid := range gids {
g.AddProcessAdditionalGid(gid)
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-15 20:53:33 +0000