diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2018-12-05 08:09:58 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-05 08:09:58 -0800 |
commit | be74acee1ce5eed5c85d5ee96a7d305098be7112 (patch) | |
tree | 7b585e1ea64706eb9570dd036141a71bf5333539 /libpod | |
parent | 50e754cd579933ba887927f4ff05754ad926eb30 (diff) | |
parent | 39df2093e89a2816f317b72a73106166031045e6 (diff) | |
download | podman-be74acee1ce5eed5c85d5ee96a7d305098be7112.tar.gz podman-be74acee1ce5eed5c85d5ee96a7d305098be7112.tar.bz2 podman-be74acee1ce5eed5c85d5ee96a7d305098be7112.zip |
Merge pull request #1940 from wking/numeric-gid
libpod/container_internal_linux: Allow gids that aren't in the group file
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/container_internal_linux.go | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 780bf5279..b540bbeb8 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -236,9 +236,6 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { } if c.config.User != "" { - if !c.state.Mounted { - return nil, errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to translate User field", c.ID()) - } // User and Group must go together g.SetProcessUID(uint32(execUser.Uid)) g.SetProcessGID(uint32(execUser.Gid)) @@ -246,9 +243,6 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { // Add addition groups if c.config.GroupAdd is not empty if len(c.config.Groups) > 0 { - if !c.state.Mounted { - return nil, errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to add additional groups", c.ID()) - } gids, _ := lookup.GetContainerGroups(c.config.Groups, c.state.Mountpoint, nil) for _, gid := range gids { g.AddProcessAdditionalGid(gid) @@ -800,7 +794,6 @@ func (c *Container) generateHosts() (string, error) { func (c *Container) generatePasswd() (string, error) { var ( groupspec string - group *user.Group gid int ) if c.config.User == "" { @@ -825,17 +818,16 @@ func (c *Container) generatePasswd() (string, error) { return "", nil } if groupspec != "" { - if !c.state.Mounted { - return "", errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to translate group field for passwd record", c.ID()) - } - group, err = lookup.GetGroup(c.state.Mountpoint, groupspec) - if err != nil { - if err == user.ErrNoGroupEntries { + ugid, err := strconv.ParseUint(groupspec, 10, 32) + if err == nil { + gid = int(ugid) + } else { + group, err := lookup.GetGroup(c.state.Mountpoint, groupspec) + if err != nil { return "", errors.Wrapf(err, "unable to get gid %s from group file", groupspec) } - return "", err + gid = group.Gid } - gid = group.Gid } originPasswdFile := filepath.Join(c.state.Mountpoint, "/etc/passwd") orig, err := ioutil.ReadFile(originPasswdFile) |