summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2022-03-21 16:43:14 +0100
committerGiuseppe Scrivano <gscrivan@redhat.com>2022-04-14 11:22:13 +0200
commit3f2939c2ef6d9867862f597751c12b14c74440a3 (patch)
tree4033f1a48052c0ab001a213c0ce8d54af6fab8da /libpod
parent15712c76fb198cec7509ff0cf401e357401d2d7d (diff)
downloadpodman-3f2939c2ef6d9867862f597751c12b14c74440a3.tar.gz
podman-3f2939c2ef6d9867862f597751c12b14c74440a3.tar.bz2
podman-3f2939c2ef6d9867862f597751c12b14c74440a3.zip
run, create: add --passwd-entry
It allows to customize the entry that is written to the `/etc/passwd` file when --passwd is used. Closes: https://github.com/containers/podman/issues/13185 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_config.go2
-rw-r--r--libpod/container_internal_linux.go19
-rw-r--r--libpod/options.go13
3 files changed, 34 insertions, 0 deletions
diff --git a/libpod/container_config.go b/libpod/container_config.go
index ea644764c..8500c6db9 100644
--- a/libpod/container_config.go
+++ b/libpod/container_config.go
@@ -404,6 +404,8 @@ type ContainerMiscConfig struct {
// InitContainerType specifies if the container is an initcontainer
// and if so, what type: always or once are possible non-nil entries
InitContainerType string `json:"init_container_type,omitempty"`
+ // PasswdEntry specifies arbitrary data to append to a file.
+ PasswdEntry string `json:"passwd_entry,omitempty"`
}
// InfraInherit contains the compatible options inheritable from the infra container
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 11ca169ca..9369b746c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -2724,6 +2724,9 @@ func (c *Container) userPasswdEntry(u *user.User) (string, error) {
if !hasHomeSet {
c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir))
}
+ if c.config.PasswdEntry != "" {
+ return c.passwdEntry(u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
+ }
return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
}
@@ -2775,9 +2778,25 @@ func (c *Container) generateUserPasswdEntry(addedUID int) (string, int, int, err
gid = group.Gid
}
}
+
+ if c.config.PasswdEntry != "" {
+ entry := c.passwdEntry(fmt.Sprintf("%d", uid), fmt.Sprintf("%d", uid), fmt.Sprintf("%d", gid), "container user", c.WorkingDir())
+ return entry, int(uid), gid, nil
+ }
+
return fmt.Sprintf("%d:*:%d:%d:container user:%s:/bin/sh\n", uid, uid, gid, c.WorkingDir()), int(uid), gid, nil
}
+func (c *Container) passwdEntry(username string, uid, gid, name, homeDir string) string {
+ s := c.config.PasswdEntry
+ s = strings.Replace(s, "$USERNAME", username, -1)
+ s = strings.Replace(s, "$UID", uid, -1)
+ s = strings.Replace(s, "$GID", gid, -1)
+ s = strings.Replace(s, "$NAME", name, -1)
+ s = strings.Replace(s, "$HOME", homeDir, -1)
+ return s + "\n"
+}
+
// generatePasswdAndGroup generates container-specific passwd and group files
// iff g.config.User is a number or we are configured to make a passwd entry for
// the current user or the user specified HostsUsers
diff --git a/libpod/options.go b/libpod/options.go
index 2e5454393..6c4b4cc42 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -2051,3 +2051,16 @@ func WithChrootDirs(dirs []string) CtrCreateOption {
return nil
}
}
+
+// WithPasswdEntry sets the entry to write to the /etc/passwd file.
+func WithPasswdEntry(passwdEntry string) CtrCreateOption {
+ return func(ctr *Container) error {
+ if ctr.valid {
+ return define.ErrCtrFinalized
+ }
+
+ ctr.config.PasswdEntry = passwdEntry
+
+ return nil
+ }
+}