From a811acf74cd12fa810de74dec80c9853384a1247 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Mon, 14 Feb 2022 17:40:29 +0100 Subject: pkg: support passing down options for idmap [NO NEW TESTS NEEDED] the feature is still being worked in crun: https://github.com/containers/crun/pull/874 also needs: https://github.com/containers/common/pull/927 Signed-off-by: Giuseppe Scrivano --- pkg/specgenutil/volumes.go | 6 +++++- pkg/util/mountOpts.go | 12 ++++++++---- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go index 6b9624ebb..2bd79b186 100644 --- a/pkg/specgenutil/volumes.go +++ b/pkg/specgenutil/volumes.go @@ -356,7 +356,11 @@ func getBindMount(args []string) (spec.Mount, error) { } setOwnership = true case "idmap": - newMount.Options = append(newMount.Options, "idmap") + if len(kv) > 1 { + newMount.Options = append(newMount.Options, fmt.Sprintf("idmap=%s", kv[1])) + } else { + newMount.Options = append(newMount.Options, "idmap") + } case "consistency": // Often used on MACs and mistakenly on Linux platforms. // Since Docker ignores this option so shall we. diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go index d8b14c0df..2a0101791 100644 --- a/pkg/util/mountOpts.go +++ b/pkg/util/mountOpts.go @@ -45,14 +45,18 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string } } - switch splitOpt[0] { - case "O": - foundOverlay = true - case "idmap": + if strings.HasPrefix(splitOpt[0], "idmap") { if foundIdmap { return nil, errors.Wrapf(ErrDupeMntOption, "the 'idmap' option can only be set once") } foundIdmap = true + newOptions = append(newOptions, opt) + continue + } + + switch splitOpt[0] { + case "O": + foundOverlay = true case "exec", "noexec": if foundExec { return nil, errors.Wrapf(ErrDupeMntOption, "only one of 'noexec' and 'exec' can be used") -- cgit v1.2.3-54-g00ecf