From 370195cf784967014dceee1f3da06f79170f033a Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 24 Jun 2020 11:25:47 +0200
Subject: libpod: specify mappings to the storage

specify the mappings in the container configuration to the storage
when creating the container so that the correct mappings can be
configured.

Regression introduced with Podman 2.0.

Closes: https://github.com/containers/libpod/issues/6735

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/container_internal.go | 20 ++++++++++++++++++++
 test/e2e/run_userns_test.go  |  7 +++++++
 2 files changed, 27 insertions(+)

diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 73e0b2118..db64f5eeb 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -22,6 +22,7 @@ import (
 	"github.com/containers/libpod/pkg/selinux"
 	"github.com/containers/storage"
 	"github.com/containers/storage/pkg/archive"
+	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/mount"
 	securejoin "github.com/cyphar/filepath-securejoin"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
@@ -360,6 +361,25 @@ func (c *Container) setupStorageMapping(dest, from *storage.IDMappingOptions) {
 			}
 			dest.AutoUserNsOpts.InitialSize = initialSize + 1
 		}
+	} else if c.config.Spec.Linux != nil {
+		dest.UIDMap = nil
+		for _, r := range c.config.Spec.Linux.UIDMappings {
+			u := idtools.IDMap{
+				ContainerID: int(r.ContainerID),
+				HostID:      int(r.HostID),
+				Size:        int(r.Size),
+			}
+			dest.UIDMap = append(dest.UIDMap, u)
+		}
+		dest.GIDMap = nil
+		for _, r := range c.config.Spec.Linux.GIDMappings {
+			g := idtools.IDMap{
+				ContainerID: int(r.ContainerID),
+				HostID:      int(r.HostID),
+				Size:        int(r.Size),
+			}
+			dest.GIDMap = append(dest.GIDMap, g)
+		}
 	}
 }
 
diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go
index 5b9a99daa..be0981408 100644
--- a/test/e2e/run_userns_test.go
+++ b/test/e2e/run_userns_test.go
@@ -89,6 +89,13 @@ var _ = Describe("Podman UserNS support", func() {
 		Expect(ok).To(BeTrue())
 	})
 
+	It("podman --userns=keep-id root owns /usr", func() {
+		session := podmanTest.Podman([]string{"run", "--userns=keep-id", "alpine", "stat", "-c%u", "/usr"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		Expect(session.OutputToString()).To(Equal("0"))
+	})
+
 	It("podman --userns=keep-id --user root:root", func() {
 		session := podmanTest.Podman([]string{"run", "--userns=keep-id", "--user", "root:root", "alpine", "id", "-u"})
 		session.WaitWithDefaultTimeout()
-- 
cgit v1.2.3-54-g00ecf