summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2018-12-05 08:09:58 -0800
committerGitHub <noreply@github.com>2018-12-05 08:09:58 -0800
commitbe74acee1ce5eed5c85d5ee96a7d305098be7112 (patch)
tree7b585e1ea64706eb9570dd036141a71bf5333539 /libpod
parent50e754cd579933ba887927f4ff05754ad926eb30 (diff)
parent39df2093e89a2816f317b72a73106166031045e6 (diff)
downloadpodman-be74acee1ce5eed5c85d5ee96a7d305098be7112.tar.gz
podman-be74acee1ce5eed5c85d5ee96a7d305098be7112.tar.bz2
podman-be74acee1ce5eed5c85d5ee96a7d305098be7112.zip
Merge pull request #1940 from wking/numeric-gid
libpod/container_internal_linux: Allow gids that aren't in the group file
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_internal_linux.go22
1 files changed, 7 insertions, 15 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 780bf5279..b540bbeb8 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -236,9 +236,6 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
}
if c.config.User != "" {
- if !c.state.Mounted {
- return nil, errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to translate User field", c.ID())
- }
// User and Group must go together
g.SetProcessUID(uint32(execUser.Uid))
g.SetProcessGID(uint32(execUser.Gid))
@@ -246,9 +243,6 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
// Add addition groups if c.config.GroupAdd is not empty
if len(c.config.Groups) > 0 {
- if !c.state.Mounted {
- return nil, errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to add additional groups", c.ID())
- }
gids, _ := lookup.GetContainerGroups(c.config.Groups, c.state.Mountpoint, nil)
for _, gid := range gids {
g.AddProcessAdditionalGid(gid)
@@ -800,7 +794,6 @@ func (c *Container) generateHosts() (string, error) {
func (c *Container) generatePasswd() (string, error) {
var (
groupspec string
- group *user.Group
gid int
)
if c.config.User == "" {
@@ -825,17 +818,16 @@ func (c *Container) generatePasswd() (string, error) {
return "", nil
}
if groupspec != "" {
- if !c.state.Mounted {
- return "", errors.Wrapf(ErrCtrStateInvalid, "container %s must be mounted in order to translate group field for passwd record", c.ID())
- }
- group, err = lookup.GetGroup(c.state.Mountpoint, groupspec)
- if err != nil {
- if err == user.ErrNoGroupEntries {
+ ugid, err := strconv.ParseUint(groupspec, 10, 32)
+ if err == nil {
+ gid = int(ugid)
+ } else {
+ group, err := lookup.GetGroup(c.state.Mountpoint, groupspec)
+ if err != nil {
return "", errors.Wrapf(err, "unable to get gid %s from group file", groupspec)
}
- return "", err
+ gid = group.Gid
}
- gid = group.Gid
}
originPasswdFile := filepath.Join(c.state.Mountpoint, "/etc/passwd")
orig, err := ioutil.ReadFile(originPasswdFile)