diff options
| -rw-r--r-- | cmd/podman/create.go | 14 | ||||
| -rw-r--r-- | cmd/podman/main.go | 1 |
2 files changed, 14 insertions, 1 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go index 586368e24..04f3cd9e6 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -99,6 +99,10 @@ func createCmd(c *cli.Context) error { storageOpts.UIDMap = mappings.UIDMap storageOpts.GIDMap = mappings.GIDMap + if os.Getuid() != 0 { + rootless.SetSkipStorageSetup(true) + } + runtime, err := libpodruntime.GetRuntimeWithStorageOpts(c, &storageOpts) if err != nil { return errors.Wrapf(err, "error creating libpod runtime") @@ -110,7 +114,7 @@ func createCmd(c *cli.Context) error { imageName := "" var data *inspect.ImageData = nil - if rootfs == "" { + if rootfs == "" && !rootless.SkipStorageSetup() { newImage, err := runtime.ImageRuntime().New(ctx, c.Args()[0], rtc.SignaturePolicyPath, "", os.Stderr, nil, image.SigningOptions{}, false, false) if err != nil { return err @@ -133,6 +137,14 @@ func createCmd(c *cli.Context) error { return err } + became, ret, err := joinOrCreateRootlessUserNamespace(createConfig, runtime) + if err != nil { + return err + } + if became { + os.Exit(ret) + } + ctr, err := runtime.NewContainer(ctx, runtimeSpec, options...) if err != nil { return err diff --git a/cmd/podman/main.go b/cmd/podman/main.go index 7960fc277..9d8d212b8 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -28,6 +28,7 @@ var ( var cmdsNotRequiringRootless = map[string]bool{ "help": true, "version": true, + "create": true, "exec": true, // `info` must be executed in an user namespace. // If this change, please also update libpod.refreshRootless() |