summaryrefslogtreecommitdiff
path: root/pkg/chrootuser
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-10-09 07:54:37 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2018-10-12 07:08:13 -0400
commit04a537756d9b7b526759c02b5b5d68c135b210ea (patch)
tree49e8a0e7610af0b6b752d28262ef78e98e0849b3 /pkg/chrootuser
parentda5c89497f9d6ee5cb6e826d7db7cca5686ab4f7 (diff)
downloadpodman-04a537756d9b7b526759c02b5b5d68c135b210ea.tar.gz
podman-04a537756d9b7b526759c02b5b5d68c135b210ea.tar.bz2
podman-04a537756d9b7b526759c02b5b5d68c135b210ea.zip
Generate a passwd file for users not in container
If someone runs podman as a user (uid) that is not defined in the container we want generate a passwd file so that getpwuid() will work inside of container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'pkg/chrootuser')
-rw-r--r--pkg/chrootuser/user.go7
-rw-r--r--pkg/chrootuser/user_basic.go4
-rw-r--r--pkg/chrootuser/user_linux.go26
3 files changed, 37 insertions, 0 deletions
diff --git a/pkg/chrootuser/user.go b/pkg/chrootuser/user.go
index 3de138b86..c83dcc230 100644
--- a/pkg/chrootuser/user.go
+++ b/pkg/chrootuser/user.go
@@ -99,3 +99,10 @@ func GetAdditionalGroupsForUser(rootdir string, userid uint64) ([]uint32, error)
}
return gids, nil
}
+
+// LookupUIDInContainer returns username and gid associated with a UID in a container
+// it will use the /etc/passwd files inside of the rootdir
+// to return this information.
+func LookupUIDInContainer(rootdir string, uid uint64) (user string, gid uint64, err error) {
+ return lookupUIDInContainer(rootdir, uid)
+}
diff --git a/pkg/chrootuser/user_basic.go b/pkg/chrootuser/user_basic.go
index 4ed7918e9..79b0b24b5 100644
--- a/pkg/chrootuser/user_basic.go
+++ b/pkg/chrootuser/user_basic.go
@@ -21,3 +21,7 @@ func lookupGroupForUIDInContainer(rootdir string, userid uint64) (string, uint64
func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid []uint32, err error) {
return nil, errors.New("supplemental groups list lookup by uid not supported")
}
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ return "", 0, errors.New("UID lookup not supported")
+}
diff --git a/pkg/chrootuser/user_linux.go b/pkg/chrootuser/user_linux.go
index acd0af822..583eca569 100644
--- a/pkg/chrootuser/user_linux.go
+++ b/pkg/chrootuser/user_linux.go
@@ -265,3 +265,29 @@ func lookupGroupInContainer(rootdir, groupname string) (gid uint64, err error) {
return 0, user.UnknownGroupError(fmt.Sprintf("error looking up group %q", groupname))
}
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ cmd, f, err := openChrootedFile(rootdir, "/etc/passwd")
+ if err != nil {
+ return "", 0, err
+ }
+ defer func() {
+ _ = cmd.Wait()
+ }()
+ rc := bufio.NewReader(f)
+ defer f.Close()
+
+ lookupUser.Lock()
+ defer lookupUser.Unlock()
+
+ pwd := parseNextPasswd(rc)
+ for pwd != nil {
+ if pwd.uid != uid {
+ pwd = parseNextPasswd(rc)
+ continue
+ }
+ return pwd.name, pwd.gid, nil
+ }
+
+ return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %q", uid))
+}