author | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-09 07:54:37 -0400 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-12 07:08:13 -0400 |
commit | 04a537756d9b7b526759c02b5b5d68c135b210ea (patch) | |
tree | 49e8a0e7610af0b6b752d28262ef78e98e0849b3 /pkg/chrootuser | |
parent | da5c89497f9d6ee5cb6e826d7db7cca5686ab4f7 (diff) | |
Generate a passwd file for users not in container
If someone runs podman as a user (uid) that is not defined in the container,
we want to generate a passwd file so that getpwuid() will work inside of the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'pkg/chrootuser')
-rw-r--r-- | pkg/chrootuser/user.go | 7 | ||||
-rw-r--r-- | pkg/chrootuser/user_basic.go | 4 | ||||
-rw-r--r-- | pkg/chrootuser/user_linux.go | 26 |
3 files changed, 37 insertions, 0 deletions
diff --git a/pkg/chrootuser/user.go b/pkg/chrootuser/user.go
index 3de138b86..c83dcc230 100644
--- a/pkg/chrootuser/user.go
+++ b/pkg/chrootuser/user.go
@@ -99,3 +99,10 @@ func GetAdditionalGroupsForUser(rootdir string, userid uint64) ([]uint32, error)
 }
 return gids, nil
 }
+
+// LookupUIDInContainer returns username and gid associated with a UID in a container
+// it will use the /etc/passwd files inside of the rootdir
+// to return this information.
+func LookupUIDInContainer(rootdir string, uid uint64) (user string, gid uint64, err error) {
+ return lookupUIDInContainer(rootdir, uid)
+}
diff --git a/pkg/chrootuser/user_basic.go b/pkg/chrootuser/user_basic.go
index 4ed7918e9..79b0b24b5 100644
--- a/pkg/chrootuser/user_basic.go
+++ b/pkg/chrootuser/user_basic.go
@@ -21,3 +21,7 @@ func lookupGroupForUIDInContainer(rootdir string, userid uint64) (string, uint64
 func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid []uint32, err error) {
 return nil, errors.New("supplemental groups list lookup by uid not supported")
 }
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ return "", 0, errors.New("UID lookup not supported")
+}
diff --git a/pkg/chrootuser/user_linux.go b/pkg/chrootuser/user_linux.go
index acd0af822..583eca569 100644
--- a/pkg/chrootuser/user_linux.go
+++ b/pkg/chrootuser/user_linux.go
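Review bot: The doc comment on `LookupUIDInContainer` in user.go does not say what a caller gets when the UID has no passwd entry, which is the case this commit exists to handle. From the other two files in this commit, the Linux implementation returns `user.UnknownUserError` on a miss but passes any `openChrootedFile` error through unchanged, and the non-Linux stub always returns a plain `errors.New`; a caller that treats every error as "not defined" would also generate a passwd entry after a read failure. I would document the contract, e.g. `// It returns user.UnknownUserError if no entry matches uid; any other error means the lookup itself failed.` The callers are outside this diff, so whether they already make that distinction cannot be confirmed here.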
@@ -265,3 +265,29 @@ func lookupGroupInContainer(rootdir, groupname string) (gid uint64, err error) {
 return 0, user.UnknownGroupError(fmt.Sprintf("error looking up group %q", groupname))
 }
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ cmd, f, err := openChrootedFile(rootdir, "/etc/passwd")
+ if err != nil {
+ return "", 0, err
+ }
+ defer func() {
+ _ = cmd.Wait()
+ }()
+ rc := bufio.NewReader(f)
+ defer f.Close()
+
+ lookupUser.Lock()
+ defer lookupUser.Unlock()
+
+ pwd := parseNextPasswd(rc)
+ for pwd != nil {
+ if pwd.uid != uid {
+ pwd = parseNextPasswd(rc)
+ continue
+ }
+ return pwd.name, pwd.gid, nil
+ }
+
+ return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %q", uid))
+}
|
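Review bot: The not-found return at the end of `lookupUIDInContainer` formats `uid` with `%q`, which for a `uint64` prints a quoted character literal instead of the number, so the error will not show the UID that was looked up; use `%d`: `return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %d", uid))`. The name and gid returned here are read from the container image's own /etc/passwd, so they are image-controlled values, and whatever consumes them (for example, code that writes the name into a generated passwd line) should validate them; that consumer is not visible in this diff. The loop returns the first entry whose uid matches, which deserves a short comment such as `// first matching entry wins; later duplicates of the same uid are ignored`, because passwd files can contain duplicate UIDs.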