author | Giuseppe Scrivano <gscrivan@redhat.com> | 2022-03-21 16:43:14 +0100 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2022-04-14 11:22:13 +0200 |
commit | 3f2939c2ef6d9867862f597751c12b14c74440a3 (patch) | |
tree | 4033f1a48052c0ab001a213c0ce8d54af6fab8da /libpod | |
parent | 15712c76fb198cec7509ff0cf401e357401d2d7d (diff) | |
download | podman-3f2939c2ef6d9867862f597751c12b14c74440a3.tar.gz podman-3f2939c2ef6d9867862f597751c12b14c74440a3.tar.bz2 podman-3f2939c2ef6d9867862f597751c12b14c74440a3.zip |
run, create: add --passwd-entry
It allows customizing the entry that is written to the `/etc/passwd`
file when --passwd is used.
Closes: https://github.com/containers/podman/issues/13185
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/container_config.go | 2 | ||||
-rw-r--r-- | libpod/container_internal_linux.go | 19 | ||||
-rw-r--r-- | libpod/options.go | 13 |
3 files changed, 34 insertions, 0 deletions
diff --git a/libpod/container_config.go b/libpod/container_config.go
index ea644764c..8500c6db9 100644
--- a/libpod/container_config.go
+++ b/libpod/container_config.go
@@ -404,6 +404,8 @@ type ContainerMiscConfig struct {
 // InitContainerType specifies if the container is an initcontainer
 // and if so, what type: always or once are possible non-nil entries
 InitContainerType string `json:"init_container_type,omitempty"`
+ // PasswdEntry specifies arbitrary data to append to a file.
+ PasswdEntry string `json:"passwd_entry,omitempty"`
 }
 
 // InfraInherit contains the compatible options inheritable from the infra container
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 11ca169ca..9369b746c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -2724,6 +2724,9 @@ func (c *Container) userPasswdEntry(u *user.User) (string, error) {
 if !hasHomeSet {
 c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir))
 }
+ if c.config.PasswdEntry != "" {
+ return c.passwdEntry(u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
+ }
 return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Name, homeDir), nil
 }
 
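Review bot: The doc comment added for PasswdEntry in ContainerMiscConfig (libpod/container_config.go) says only "arbitrary data to append to a file", which names neither the file nor the fact that the value is a template. Going by the passwdEntry helper added in this commit, the string becomes the container's /etc/passwd line after placeholder expansion. I would write `// PasswdEntry is a template for the entry written to the container's /etc/passwd; $USERNAME, $UID, $GID, $NAME and $HOME are substituted.` The struct begins outside the hunk.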
@@ -2775,9 +2778,25 @@ func (c *Container) generateUserPasswdEntry(addedUID int) (string, int, int, err
 gid = group.Gid
 }
 }
+
+ if c.config.PasswdEntry != "" {
+ entry := c.passwdEntry(fmt.Sprintf("%d", uid), fmt.Sprintf("%d", uid), fmt.Sprintf("%d", gid), "container user", c.WorkingDir())
+ return entry, int(uid), gid, nil
+ }
+
 return fmt.Sprintf("%d:*:%d:%d:container user:%s:/bin/sh\n", uid, uid, gid, c.WorkingDir()), int(uid), gid, nil
 }
 
+func (c *Container) passwdEntry(username string, uid, gid, name, homeDir string) string {
+ s := c.config.PasswdEntry
+ s = strings.Replace(s, "$USERNAME", username, -1)
+ s = strings.Replace(s, "$UID", uid, -1)
+ s = strings.Replace(s, "$GID", gid, -1)
+ s = strings.Replace(s, "$NAME", name, -1)
+ s = strings.Replace(s, "$HOME", homeDir, -1)
+ return s + "\n"
+}
+
 // generatePasswdAndGroup generates container-specific passwd and group files
 // iff g.config.User is a number or we are configured to make a passwd entry for
 // the current user or the user specified HostsUsers
diff --git a/libpod/options.go b/libpod/options.go
index 2e5454393..6c4b4cc42 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -2051,3 +2051,16 @@ func WithChrootDirs(dirs []string) CtrCreateOption {
 return nil
 }
 }
+
+// WithPasswdEntry sets the entry to write to the /etc/passwd file.
+func WithPasswdEntry(passwdEntry string) CtrCreateOption {
+ return func(ctr *Container) error {
+ if ctr.valid {
+ return define.ErrCtrFinalized
+ }
+
+ ctr.config.PasswdEntry = passwdEntry
+
+ return nil
+ }
+}
|
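Review bot: passwdEntry in libpod/container_internal_linux.go expands the placeholders with five sequential strings.Replace calls, so text inserted by an earlier substitution is scanned again by the later ones. A user name or GECOS value that itself contains `$HOME` or `$GID` would be expanded a second time; in userPasswdEntry those values come from the looked-up user record rather than from the template author. A single-pass strings.NewReplacer gives the same result for ordinary input without the rescan. The helper also has no doc comment. generateUserPasswdEntry begins outside the hunk.

```go
// passwdEntry expands the placeholders in the configured PasswdEntry
// template and returns the resulting /etc/passwd line.
func (c *Container) passwdEntry(username string, uid, gid, name, homeDir string) string {
	// Single pass: substituted values are not rescanned for placeholders.
	r := strings.NewReplacer(
		"$USERNAME", username,
		"$UID", uid,
		"$GID", gid,
		"$NAME", name,
		"$HOME", homeDir,
	)
	return r.Replace(c.config.PasswdEntry) + "\n"
}
```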
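Review bot: WithPasswdEntry in libpod/options.go stores the string without any validation, and passwdEntry later writes it out followed by a single newline. Unless a caller not visible here rejects it first, an entry containing a line break would put more than one line into the container's /etc/passwd, and a template with the wrong number of colon-separated fields produces a record that lookups may misparse. A small guard before the assignment would catch the first case: `if strings.Contains(passwdEntry, "\n") { return define.ErrInvalidArg }`. The file's import block is outside the hunk, so whether `strings` is already imported there needs checking.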