authorPaul Holzinger <pholzing@redhat.com>2021-06-10 13:52:30 +0200
committerPaul Holzinger <pholzing@redhat.com>2021-06-11 13:27:08 +0200
commitad3b56c62f07bbbd97433e972db0a0582dd84840 (patch)
treec2fd8733a19e085949c2bae83423c7622638834d /libpod
parentea39735845655aaf77de577a35557a0fb003514f (diff)
Fix volumes with uid and gid options
Podman uses the volume option map to check if it has to mount the volume or not when the container is started. Commit 28138dafcc39 added the uid and gid options to this map, however when only uid/gid is set we cannot mount this volume because there is no filesystem or device specified. Make sure we do not try to mount the volume when only the uid/gid option is set since this is a simple chown operation. Also when a uid/gid is explicitly set, do not chown the volume based on the container user when the volume is used for the first time. Fixes #10620 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/options.go13
-rw-r--r--libpod/volume_internal.go19
2 files changed, 30 insertions, 2 deletions
diff --git a/libpod/options.go b/libpod/options.go
index f942d264b..d3be46ad8 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -1641,6 +1641,19 @@ func WithVolumeGID(gid int) VolumeCreateOption {
}
}
+// WithVolumeNoChown prevents the volume from being chowned to the process uid at first use.
+func WithVolumeNoChown() VolumeCreateOption {
+ return func(volume *Volume) error {
+ if volume.valid {
+ return define.ErrVolumeFinalized
+ }
+
+ volume.state.NeedsChown = false
+
+ return nil
+ }
+}
+
// withSetAnon sets a bool notifying libpod that this volume is anonymous and
// should be removed when containers using it are removed and volumes are
// specified for removal.
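Review bot: The doc comment on `WithVolumeNoChown` mentions only the process uid and does not say when the option is meant to be used, although it decides who ends up owning the volume's contents. Going by the commit description it is intended for volumes whose owner was set explicitly, so I would write `// WithVolumeNoChown prevents the volume from being chowned to the container process UID/GID at first use.` followed by `// Use it when ownership is set explicitly through the UID/GID volume options.` The option only has an effect if nothing sets `NeedsChown` back to true after the create options run; that initialisation is outside this hunk, so it is worth confirming and stating in the comment.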
diff --git a/libpod/volume_internal.go b/libpod/volume_internal.go
index 694cdd149..19008a253 100644
--- a/libpod/volume_internal.go
+++ b/libpod/volume_internal.go
@@ -39,8 +39,23 @@ func (v *Volume) needsMount() bool {
return true
}
- // Local driver with options needs mount
- return len(v.config.Options) > 0
+ // Commit 28138dafcc added the UID and GID options to this map
+ // However we should only mount when options other than uid and gid are set.
+ // see https://github.com/containers/podman/issues/10620
+ index := 0
+ if _, ok := v.config.Options["UID"]; ok {
+ index++
+ }
+ if _, ok := v.config.Options["GID"]; ok {
+ index++
+ }
+ // when uid or gid is set there is also the "o" option
+ // set so we have to ignore this one as well
+ if index > 0 {
+ index++
+ }
+ // Local driver with options other than uid,gid needs mount
+ return len(v.config.Options) > index
}
// update() updates the volume state from the DB.
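Review bot: The new check in `needsMount` counts keys instead of looking at which keys are present, so it is only correct while every map that has `UID` or `GID` also has `o`. If an options map ever arrives with `UID` plus, say, `type` but no `o`, the length equals `index` and the requested mount is silently skipped. Matching the keys by name removes that assumption, and it also avoids calling a counter `index`. Separately, when `o` carries flags other than uid/gid and no type or device is given, those flags appear to be dropped without an error, which may deserve a warning. The start of `needsMount` is outside this hunk.

```go
// … unchanged: earlier checks in needsMount …
_, hasUID := v.config.Options["UID"]
_, hasGID := v.config.Options["GID"]
for key := range v.config.Options {
	switch key {
	case "UID", "GID":
		continue
	case "o":
		// "o" is ignored only when it accompanies an explicit uid/gid
		if hasUID || hasGID {
			continue
		}
	}
	// Local driver with options other than uid,gid needs mount
	return true
}
return false
```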