From 04a537756d9b7b526759c02b5b5d68c135b210ea Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Tue, 9 Oct 2018 07:54:37 -0400
Subject: Generate a passwd file for users not in container

If someone runs podman as a user (uid) that is not defined in the container we want generate a passwd file so that getpwuid() will work inside of container.

Signed-off-by: Daniel J Walsh
---
 pkg/chrootuser/user.go | 7 +++++++
 pkg/chrootuser/user_basic.go | 4 ++++
 pkg/chrootuser/user_linux.go | 26 ++++++++++++++++++++++++++
 3 files changed, 37 insertions(+)
(limited to 'pkg/chrootuser')
diff --git a/pkg/chrootuser/user.go b/pkg/chrootuser/user.go
index 3de138b86..c83dcc230 100644
--- a/pkg/chrootuser/user.go
+++ b/pkg/chrootuser/user.go
@@ -99,3 +99,10 @@ func GetAdditionalGroupsForUser(rootdir string, userid uint64) ([]uint32, error)
 }
 return gids, nil
 }
+
+// LookupUIDInContainer returns username and gid associated with a UID in a container
+// it will use the /etc/passwd files inside of the rootdir
+// to return this information.
+func LookupUIDInContainer(rootdir string, uid uint64) (user string, gid uint64, err error) {
+ return lookupUIDInContainer(rootdir, uid)
+}
diff --git a/pkg/chrootuser/user_basic.go b/pkg/chrootuser/user_basic.go
index 4ed7918e9..79b0b24b5 100644
--- a/pkg/chrootuser/user_basic.go
+++ b/pkg/chrootuser/user_basic.go
@@ -21,3 +21,7 @@ func lookupGroupForUIDInContainer(rootdir string, userid uint64) (string, uint64
 func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid []uint32, err error) {
 return nil, errors.New("supplemental groups list lookup by uid not supported")
 }
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ return "", 0, errors.New("UID lookup not supported")
+}
diff --git a/pkg/chrootuser/user_linux.go b/pkg/chrootuser/user_linux.go
index acd0af822..583eca569 100644
--- a/pkg/chrootuser/user_linux.go
+++ b/pkg/chrootuser/user_linux.go
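Review bot: The doc comment on LookupUIDInContainer in user.go does not say what the caller gets back when the UID has no entry, which is the case this commit exists to handle. Going by the other hunks of this patch, the Linux implementation returns `user.UnknownUserError` for a missing entry and the user_basic.go stub always returns a plain "UID lookup not supported" error, so I would add `// It returns user.UnknownUserError when no passwd entry matches uid; on builds without chroot lookup support it always returns an error.` It is also worth one line stating that the name and gid are read from the image's own /etc/passwd and are therefore only as trustworthy as the image.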
@@ -265,3 +265,29 @@ func lookupGroupInContainer(rootdir, groupname string) (gid uint64, err error) {
 
 return 0, user.UnknownGroupError(fmt.Sprintf("error looking up group %q", groupname))
 }
+
+func lookupUIDInContainer(rootdir string, uid uint64) (string, uint64, error) {
+ cmd, f, err := openChrootedFile(rootdir, "/etc/passwd")
+ if err != nil {
+ return "", 0, err
+ }
+ defer func() {
+ _ = cmd.Wait()
+ }()
+ rc := bufio.NewReader(f)
+ defer f.Close()
+
+ lookupUser.Lock()
+ defer lookupUser.Unlock()
+
+ pwd := parseNextPasswd(rc)
+ for pwd != nil {
+ if pwd.uid != uid {
+ pwd = parseNextPasswd(rc)
+ continue
+ }
+ return pwd.name, pwd.gid, nil
+ }
+
+ return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %q", uid))
+}
-- cgit v1.2.3-54-g00ecf
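Review bot: The last return of lookupUIDInContainer formats a uint64 with `%q`, which prints the UID as a quoted character literal for that code point rather than as a number, so the "unknown user" error is unreadable in logs; it should be `return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up uid %d", uid))`. Separately, a failure to open /etc/passwd returns the raw error from openChrootedFile while a missing entry returns UnknownUserError. If the caller (outside this patch) generates a passwd file only on UnknownUserError, an image that ships no /etc/passwd at all would presumably not be covered, which is worth confirming. A short doc comment on this function noting that the first entry matching uid wins would also help, since the file being parsed is image-controlled and may contain duplicate UIDs.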