diff options
author | Matthew Heon <matthew.heon@pm.me> | 2020-07-15 15:25:12 -0400 |
---|---|---|
committer | Matthew Heon <mheon@redhat.com> | 2020-07-23 14:27:19 -0400 |
commit | bae6853906c388051a49b9a43776eba97e4f0523 (patch) | |
tree | e20eace33ee1448310b8c0836528031f3172e097 /libpod/runtime_volume_linux.go | |
parent | 9051546c4df40b611ca09b02ae57ae6e8fb72c94 (diff) | |
download | podman-bae6853906c388051a49b9a43776eba97e4f0523.tar.gz podman-bae6853906c388051a49b9a43776eba97e4f0523.tar.bz2 podman-bae6853906c388051a49b9a43776eba97e4f0523.zip |
Make changes to /etc/passwd on disk for non-read only
Bind-mounting /etc/passwd into the container is problematic
becuase of how system utilities like `useradd` work. They want
to make a copy and then rename to try to prevent breakage; this
is, unfortunately, impossible when the file they want to rename
is a bind mount. The current behavior is fine for read-only
containers, though, because we expect useradd to fail in those
cases.
Instead of bind-mounting, we can edit /etc/passwd in the
container's rootfs. This is kind of gross, because the change
will show up in `podman diff` and similar tools, and will be
included in images made by `podman commit`. However, it's a lot
better than breaking important system tools.
Fixes #6953
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Diffstat (limited to 'libpod/runtime_volume_linux.go')
0 files changed, 0 insertions, 0 deletions