Add U volume flag to chown source volumes

Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>

4 files changed, 35 insertions, 4 deletions

diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 3b7112959..03697b353 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -247,8 +247,9 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 		var vols []*libpod.ContainerOverlayVolume
 		for _, v := range overlays {
 			vols = append(vols, &libpod.ContainerOverlayVolume{
-				Dest:   v.Destination,
-				Source: v.Source,
+				Dest:    v.Destination,
+				Source:  v.Source,
+				Options: v.Options,
 			})
 		}
 		options = append(options, libpod.WithOverlayVolumes(vols))
diff --git a/pkg/specgen/volumes.go b/pkg/specgen/volumes.go
index 83634b4ef..d85d2bdd1 100644
--- a/pkg/specgen/volumes.go
+++ b/pkg/specgen/volumes.go
@@ -31,6 +31,8 @@ type OverlayVolume struct {
 	Destination string `json:"destination"`
 	// Source specifies the source path of the mount.
 	Source string `json:"source,omitempty"`
+	// Options holds overlay volume options.
+	Options []string `json:"options,omitempty"`
 }
 
 // ImageVolume is a volume based on a container image.  The container image is
@@ -100,10 +102,17 @@ func GenVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*Na
 		if strings.HasPrefix(src, "/") || strings.HasPrefix(src, ".") {
 			// This is not a named volume
 			overlayFlag := false
+			chownFlag := false
 			for _, o := range options {
 				if o == "O" {
 					overlayFlag = true
-					if len(options) > 1 {
+
+					joinedOpts := strings.Join(options, "")
+					if strings.Contains(joinedOpts, "U") {
+						chownFlag = true
+					}
+
+					if len(options) > 2 || (len(options) == 2 && !chownFlag) {
 						return nil, nil, nil, errors.New("can't use 'O' with other options")
 					}
 				}
@@ -113,6 +122,8 @@ func GenVolumeMounts(volumeFlag []string) (map[string]spec.Mount, map[string]*Na
 				newOverlayVol := new(OverlayVolume)
 				newOverlayVol.Destination = cleanDest
 				newOverlayVol.Source = src
+				newOverlayVol.Options = options
+
 				if _, ok := overlayVolumes[newOverlayVol.Destination]; ok {
 					return nil, nil, nil, errors.Wrapf(errDuplicateDest, newOverlayVol.Destination)
 				}
diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go
index b3a38f286..f13dc94ec 100644
--- a/pkg/util/mountOpts.go
+++ b/pkg/util/mountOpts.go
@@ -25,7 +25,7 @@ type defaultMountOptions struct {
 // The sourcePath variable, if not empty, contains a bind mount source.
 func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string, error) {
 	var (
-		foundWrite, foundSize, foundProp, foundMode, foundExec, foundSuid, foundDev, foundCopyUp, foundBind, foundZ bool
+		foundWrite, foundSize, foundProp, foundMode, foundExec, foundSuid, foundDev, foundCopyUp, foundBind, foundZ, foundU bool
 	)
 
 	newOptions := make([]string, 0, len(options))
@@ -116,6 +116,11 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string
 				return nil, errors.Wrapf(ErrDupeMntOption, "only one of 'z' and 'Z' can be used")
 			}
 			foundZ = true
+		case "U":
+			if foundU {
+				return nil, errors.Wrapf(ErrDupeMntOption, "the 'U' option can only be set once")
+			}
+			foundU = true
 		default:
 			return nil, errors.Wrapf(ErrBadMntOption, "unknown mount option %q", opt)
 		}
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index c6ecd91f6..a4c8f3a64 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -23,6 +23,7 @@ import (
 	"github.com/containers/storage"
 	"github.com/containers/storage/pkg/idtools"
 	v1 "github.com/opencontainers/image-spec/specs-go/v1"
+	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh/terminal"
@@ -692,3 +693,16 @@ func CoresToPeriodAndQuota(cores float64) (uint64, int64) {
 func PeriodAndQuotaToCores(period uint64, quota int64) float64 {
 	return float64(quota) / float64(period)
 }
+
+// IDtoolsToRuntimeSpec converts idtools ID mapping to the one of the runtime spec.
+func IDtoolsToRuntimeSpec(idMaps []idtools.IDMap) (convertedIDMap []specs.LinuxIDMapping) {
+	for _, idmap := range idMaps {
+		tempIDMap := specs.LinuxIDMapping{
+			ContainerID: uint32(idmap.ContainerID),
+			HostID:      uint32(idmap.HostID),
+			Size:        uint32(idmap.Size),
+		}
+		convertedIDMap = append(convertedIDMap, tempIDMap)
+	}
+	return convertedIDMap
+}