summaryrefslogtreecommitdiff
path: root/pkg/util
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2022-08-19 15:15:47 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2022-08-30 14:39:27 +0200
commite015c9e3f74153ef069bfbb013e715766e793bf9 (patch)
tree6e42fa726031624ff134e6320f8270eee00d6afb /pkg/util
parentcd626060462e0262bf234a7565cad73852d7f884 (diff)
downloadpodman-e015c9e3f74153ef069bfbb013e715766e793bf9.tar.gz
podman-e015c9e3f74153ef069bfbb013e715766e793bf9.tar.bz2
podman-e015c9e3f74153ef069bfbb013e715766e793bf9.zip
podman: add uid and gid options to keep-id
add two new options to the keep-id user namespace option: - uid: allow to override the UID used inside the container. - gid: allow to override the GID used inside the container. For example, the following command will map the rootless user (that has UID=0 inside the rootless user namespace) to the UID=11 inside the container user namespace: $ podman run --userns=keep-id:uid=11 --rm -ti fedora cat /proc/self/uid_map 0 1 11 11 0 1 12 12 65525 Closes: https://github.com/containers/podman/issues/15294 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/util')
-rw-r--r--pkg/util/utils.go8
1 files changed, 7 insertions, 1 deletions
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 33c11d611..87e403986 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -342,7 +342,7 @@ func ParseSignal(rawSignal string) (syscall.Signal, error) {
}
// GetKeepIDMapping returns the mappings and the user to use when keep-id is used
-func GetKeepIDMapping() (*stypes.IDMappingOptions, int, int, error) {
+func GetKeepIDMapping(opts *namespaces.KeepIDUserNsOptions) (*stypes.IDMappingOptions, int, int, error) {
if !rootless.IsRootless() {
return nil, -1, -1, errors.New("keep-id is only supported in rootless mode")
}
@@ -359,6 +359,12 @@ func GetKeepIDMapping() (*stypes.IDMappingOptions, int, int, error) {
uid := rootless.GetRootlessUID()
gid := rootless.GetRootlessGID()
+ if opts.UID != nil {
+ uid = int(*opts.UID)
+ }
+ if opts.GID != nil {
+ gid = int(*opts.GID)
+ }
uids, gids, err := rootless.GetConfiguredMappings()
if err != nil {