diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-01-07 09:35:01 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-07 09:35:01 -0500 |
| commit | 74af9254b98eb21e25c9776b0cf0664d3cb2c46e (patch) | |
| tree | 457ea2121a022d0f9faa08e9c5347ff093e1515c /libpod | |
| parent | a47515008b3c0dde9f161faa0d9f455ca6772393 (diff) | |
| parent | ecedda63a6488162c9aad2a99c1ada172340ac7f (diff) | |
| download | podman-74af9254b98eb21e25c9776b0cf0664d3cb2c46e.tar.gz podman-74af9254b98eb21e25c9776b0cf0664d3cb2c46e.tar.bz2 podman-74af9254b98eb21e25c9776b0cf0664d3cb2c46e.zip | |
Merge pull request #8816 from giuseppe/automatically-split-userns-mappings
rootless: automatically split userns ranges
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/container_internal_linux.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index cefe12209..bc8f0f932 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -529,6 +529,13 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { } } + availableUIDs, availableGIDs, err := rootless.GetAvailableIDMaps() + if err != nil { + return nil, err + } + g.Config.Linux.UIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.UIDMappings, availableUIDs) + g.Config.Linux.GIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.GIDMappings, availableGIDs) + // Hostname handling: // If we have a UTS namespace, set Hostname in the OCI spec. // Set the HOSTNAME environment variable unless explicitly overridden by @@ -536,6 +543,7 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) { // set it to the host's hostname instead. hostname := c.Hostname() foundUTS := false + for _, i := range c.config.Spec.Linux.Namespaces { if i.Type == spec.UTSNamespace && i.Path == "" { foundUTS = true |