From 819c80712578cce1d5fd1915a351bc739c7fcb72 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Tue, 24 Jul 2018 17:12:33 +0200 Subject: podman: allow to specify the userns to join Signed-off-by: Giuseppe Scrivano Closes: #1145 Approved by: rhatdan --- pkg/spec/spec.go | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'pkg/spec') diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index acc41f7c5..dcf1c51dd 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -326,6 +326,14 @@ func addPidNS(config *CreateConfig, g *generate.Generator) error { } func addUserNS(config *CreateConfig, g *generate.Generator) error { + if IsNS(string(config.UsernsMode)) { + g.AddOrReplaceLinuxNamespace(spec.UserNamespace, NS(string(config.UsernsMode))) + + // runc complains if no mapping is specified, even if we join another ns. So provide a dummy mapping + g.AddLinuxUIDMapping(uint32(0), uint32(0), uint32(1)) + g.AddLinuxGIDMapping(uint32(0), uint32(0), uint32(1)) + } + if (len(config.IDMappings.UIDMap) > 0 || len(config.IDMappings.GIDMap) > 0) && !config.UsernsMode.IsHost() { g.AddOrReplaceLinuxNamespace(spec.UserNamespace, "") } -- cgit v1.2.3-54-g00ecf