From 04a4ba9b7302b807b7a5d9a180d3fcd27560052a Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Fri, 11 Jan 2019 11:23:19 +0100
Subject: rootless: create the userns immediately when creating a new pod

Closes: https://github.com/containers/libpod/issues/2124

Signed-off-by: Giuseppe Scrivano
---
 cmd/podman/create.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'cmd/podman')

diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 7472426eb..87fa18e47 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -422,6 +422,16 @@ func parseCreateOpts(ctx context.Context, c *cli.Context, runtime *libpod.Runtim
 }
 if c.IsSet("pod") {
 if strings.HasPrefix(originalPodName, "new:") {
+ if rootless.IsRootless() {
+ // To create a new pod, we must immediately create the userns.
+ became, ret, err := rootless.BecomeRootInUserNS()
+ if err != nil {
+ return nil, err
+ }
+ if became {
+ os.Exit(ret)
+ }
+ }
 // pod does not exist; lets make it
 var podOptions []libpod.PodCreateOption
 podOptions = append(podOptions, libpod.WithPodName(podName), libpod.WithInfraContainer(), libpod.WithPodCgroups())
-- 
cgit v1.2.3-54-g00ecf
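Review bot: The `os.Exit(ret)` in the `if became` branch ends the process from inside parseCreateOpts, so deferred cleanup registered by its callers (for instance anything tied to the `runtime` argument) is skipped on that path; the callers are not visible here, so this should be confirmed against them. By the time this runs the `runtime` passed in has already been constructed outside the user namespace, and the branch presumably is the original process handing back the status of the copy that ran inside the userns. A comment should say so, e.g. `// became: the work ran in the process inside the new userns; exit with its status (deferred calls do not run)`. The bare `return nil, err` also drops context; wrapping it with a message such as "creating user namespace for new pod" would make rootless failures easier to tell apart from the other errors this function returns. parseCreateOpts starts and ends outside the hunk.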