summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmd/podman/cp.go34
-rw-r--r--cmd/podman/main.go1
2 files changed, 35 insertions, 0 deletions
diff --git a/cmd/podman/cp.go b/cmd/podman/cp.go
index 89114fda1..d9f230b67 100644
--- a/cmd/podman/cp.go
+++ b/cmd/podman/cp.go
@@ -1,8 +1,10 @@
package main
import (
+ "io/ioutil"
"os"
"path/filepath"
+ "strconv"
"strings"
"github.com/containers/buildah/util"
@@ -10,6 +12,7 @@ import (
"github.com/containers/libpod/cmd/podman/libpodruntime"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/pkg/chrootuser"
+ "github.com/containers/libpod/pkg/rootless"
"github.com/containers/storage"
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/chrootarchive"
@@ -48,6 +51,9 @@ func cpCmd(c *cliconfig.CpValues) error {
if len(args) != 2 {
return errors.Errorf("you must provide a source path and a destination path")
}
+ if os.Geteuid() != 0 {
+ rootless.SetSkipStorageSetup(true)
+ }
runtime, err := libpodruntime.GetRuntime(&c.PodmanCommand)
if err != nil {
@@ -76,6 +82,34 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin
ctr = destCtr
}
+ if os.Geteuid() != 0 {
+ s, err := ctr.State()
+ if err != nil {
+ return err
+ }
+ var became bool
+ var ret int
+ if s == libpod.ContainerStateRunning || s == libpod.ContainerStatePaused {
+ data, err := ioutil.ReadFile(ctr.Config().ConmonPidFile)
+ if err != nil {
+ return errors.Wrapf(err, "cannot read conmon PID file %q", ctr.Config().ConmonPidFile)
+ }
+ conmonPid, err := strconv.Atoi(string(data))
+ if err != nil {
+ return errors.Wrapf(err, "cannot parse PID %q", data)
+ }
+ became, ret, err = rootless.JoinDirectUserAndMountNS(uint(conmonPid))
+ } else {
+ became, ret, err = rootless.BecomeRootInUserNS()
+ }
+ if err != nil {
+ return err
+ }
+ if became {
+ os.Exit(ret)
+ }
+ }
+
mountPoint, err := ctr.Mount()
if err != nil {
return err
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 990e55a8c..bb21f2f79 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -61,6 +61,7 @@ var cmdsNotRequiringRootless = map[*cobra.Command]bool{
_versionCommand: true,
_createCommand: true,
_execCommand: true,
+ _cpCommand: true,
_exportCommand: true,
//// `info` must be executed in an user namespace.
//// If this change, please also update libpod.refreshRootless()