diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-05-23 22:28:59 +0200 |
|---|---|---|
| committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-05-24 17:34:12 +0200 |
| commit | f09370c68b8b514aca80bfaa34f98fbc5b97d318 (patch) | |
| tree | 703f156c0ead88361527575f6fd2ccfb2a13893e /pkg/namespaces | |
| parent | 6df320c3910da5600a611f8aed783a499430a75c (diff) | |
| download | podman-f09370c68b8b514aca80bfaa34f98fbc5b97d318.tar.gz podman-f09370c68b8b514aca80bfaa34f98fbc5b97d318.tar.bz2 podman-f09370c68b8b514aca80bfaa34f98fbc5b97d318.zip | |
userns: add new option --userns=keep-id
it creates a namespace where the current UID:GID on the host is mapped
to the same UID:GID in the container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/namespaces')
| -rw-r--r-- | pkg/namespaces/namespaces.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/pkg/namespaces/namespaces.go b/pkg/namespaces/namespaces.go index fde6118af..ec9276344 100644 --- a/pkg/namespaces/namespaces.go +++ b/pkg/namespaces/namespaces.go @@ -12,6 +12,11 @@ func (n UsernsMode) IsHost() bool { return n == "host" } +// IsKeepID indicates whether container uses a mapping where the (uid, gid) on the host is lept inside of the namespace. +func (n UsernsMode) IsKeepID() bool { + return n == "keep-id" +} + // IsPrivate indicates whether the container uses the a private userns. func (n UsernsMode) IsPrivate() bool { return !(n.IsHost()) @@ -21,7 +26,7 @@ func (n UsernsMode) IsPrivate() bool { func (n UsernsMode) Valid() bool { parts := strings.Split(string(n), ":") switch mode := parts[0]; mode { - case "", "host": + case "", "host", "keep-id": default: return false } |