diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2018-06-11 16:03:34 +0200 |
|---|---|---|
| committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-27 14:07:17 +0000 |
| commit | 5ff90677c83b78366554493e10f7615119f7e0a1 (patch) | |
| tree | 094685755b891f5813a458cfadb5374e68f732fb /pkg/spec/createconfig.go | |
| parent | 8ee8f847340c3ac2264e183655fb7cdcbbfbb2cd (diff) | |
| download | podman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.gz podman-5ff90677c83b78366554493e10f7615119f7e0a1.tar.bz2 podman-5ff90677c83b78366554493e10f7615119f7e0a1.zip | |
rootless: add management for the userNS
When running podman as non root user always create an userNS and let
the OCI runtime use it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #936
Approved by: rhatdan
Diffstat (limited to 'pkg/spec/createconfig.go')
| -rw-r--r-- | pkg/spec/createconfig.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 205e08c57..af0a62c65 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go @@ -16,6 +16,7 @@ import ( "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" "github.com/projectatomic/libpod/libpod" + "github.com/projectatomic/libpod/pkg/rootless" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" ) @@ -360,7 +361,7 @@ func (c *CreateConfig) GetContainerCreateOptions() ([]libpod.CtrCreateOption, er // does not have one options = append(options, libpod.WithEntrypoint(c.Entrypoint)) - if os.Getuid() != 0 { + if rootless.IsRootless() { if !c.NetMode.IsHost() && !c.NetMode.IsNone() { options = append(options, libpod.WithNetNS(portBindings, true)) } |