diff options
author | Daniel J Walsh <dwalsh@redhat.com> | 2021-03-07 06:11:54 -0500 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2021-03-08 06:14:08 -0500 |
commit | 0e36e65eaa1bab89b5d0a7a66253338e723429c5 (patch) | |
tree | f1a443a24fcfdb6fa3389558a6ed1d8a65ca843e /libpod | |
parent | b7c00f2cc03499d5d385a7aa7e8cd35d0ab994d7 (diff) | |
download | podman-0e36e65eaa1bab89b5d0a7a66253338e723429c5.tar.gz podman-0e36e65eaa1bab89b5d0a7a66253338e723429c5.tar.bz2 podman-0e36e65eaa1bab89b5d0a7a66253338e723429c5.zip |
Allow users to generate a kubernetes yaml off non running containers
Currently if you attempt to create a kube.yaml file off of a non running
container where the container runs as a specific User, the creation
fails because the storage container is not mounted. Podman is supposed to
read the /etc/passwd entry inside of the container but since the
container is not mounted, the c.State.Mountpoint == "". Podman
incorrectly attempts to read /etc/passwd on the host, and fails if the
specified user is not in the hosts /etc/passwd.
This PR mounts the storage container, if it was not mounted so the read
succeeds.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/kube.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/libpod/kube.go b/libpod/kube.go index 0c4f9f0a0..6feb69fea 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -676,8 +676,18 @@ func generateKubeSecurityContext(c *Container) (*v1.SecurityContext, error) { return nil, errors.Wrapf(err, "unable to sync container during YAML generation") } + mountpoint := c.state.Mountpoint + if mountpoint == "" { + var err error + mountpoint, err = c.mount() + if err != nil { + return nil, errors.Wrapf(err, "failed to mount %s mountpoint", c.ID()) + } + defer c.unmount(false) + } logrus.Debugf("Looking in container for user: %s", c.User()) - execUser, err := lookup.GetUserGroupInfo(c.state.Mountpoint, c.User(), nil) + + execUser, err := lookup.GetUserGroupInfo(mountpoint, c.User(), nil) if err != nil { return nil, err } |