aboutsummaryrefslogtreecommitdiff
path: root/pkg/chrootuser
diff options
context:
space:
mode:
authorumohnani8 <umohnani@redhat.com>2018-04-03 13:37:25 -0400
committerAtomic Bot <atomic-devel@projectatomic.io>2018-04-06 00:09:46 +0000
commit998fd2ece0480e581e013124d0969a1af6305110 (patch)
tree84f3ae049fb1246a2f31c5eb5f55b40e6a17fc81 /pkg/chrootuser
parentc3e2b00333d42dc87a3385939715813006cc8af1 (diff)
downloadpodman-998fd2ece0480e581e013124d0969a1af6305110.tar.gz
podman-998fd2ece0480e581e013124d0969a1af6305110.tar.bz2
podman-998fd2ece0480e581e013124d0969a1af6305110.zip
Functionality changes to the following flags
--group-add --blkio-weight-device --device-read-bps --device-write-bps --device-read-iops --device-write-iops --group-add now supports group names as well as the gid associated with them. All the --device flags work now with moderate changes to the code to support both bps and iops. Added tests for all the flags. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #590 Approved by: mheon
Diffstat (limited to 'pkg/chrootuser')
-rw-r--r--pkg/chrootuser/user.go5
-rw-r--r--pkg/chrootuser/user_linux.go32
2 files changed, 37 insertions, 0 deletions
diff --git a/pkg/chrootuser/user.go b/pkg/chrootuser/user.go
index 9be386ef9..22ba5ff8a 100644
--- a/pkg/chrootuser/user.go
+++ b/pkg/chrootuser/user.go
@@ -69,3 +69,8 @@ func GetUser(rootdir, userspec string) (uint32, uint32, error) {
}
return 0, 0, err
}
+
+// GetAdditionalGroupsForUser returns a list of gids that userid is associated with
+func GetAdditionalGroupsForUser(rootdir string, userid uint64) ([]uint32, error) {
+ return lookupAdditionalGroupsForUIDInContainer(rootdir, userid)
+}
diff --git a/pkg/chrootuser/user_linux.go b/pkg/chrootuser/user_linux.go
index 2baf9ea33..64ff7cef6 100644
--- a/pkg/chrootuser/user_linux.go
+++ b/pkg/chrootuser/user_linux.go
@@ -88,6 +88,7 @@ type lookupPasswdEntry struct {
type lookupGroupEntry struct {
name string
gid uint64
+ user string
}
func readWholeLine(rc *bufio.Reader) ([]byte, error) {
@@ -153,6 +154,7 @@ func parseNextGroup(rc *bufio.Reader) *lookupGroupEntry {
return &lookupGroupEntry{
name: fields[0],
gid: gid,
+ user: fields[3],
}
}
@@ -208,6 +210,36 @@ func lookupGroupForUIDInContainer(rootdir string, userid uint64) (username strin
return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up user with UID %d", userid))
}
+func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid []uint32, err error) {
+ // Get the username associated with userid
+ username, _, err := lookupGroupForUIDInContainer(rootdir, userid)
+ if err != nil {
+ return nil, err
+ }
+
+ cmd, f, err := openChrootedFile(rootdir, "/etc/group")
+ if err != nil {
+ return nil, err
+ }
+ defer func() {
+ _ = cmd.Wait()
+ }()
+ rc := bufio.NewReader(f)
+ defer f.Close()
+
+ lookupGroup.Lock()
+ defer lookupGroup.Unlock()
+
+ grp := parseNextGroup(rc)
+ for grp != nil {
+ if strings.Contains(grp.user, username) {
+ gid = append(gid, uint32(grp.gid))
+ }
+ grp = parseNextGroup(rc)
+ }
+ return gid, nil
+}
+
func lookupGroupInContainer(rootdir, groupname string) (gid uint64, err error) {
cmd, f, err := openChrootedFile(rootdir, "/etc/group")
if err != nil {