From 998fd2ece0480e581e013124d0969a1af6305110 Mon Sep 17 00:00:00 2001 From: umohnani8 Date: Tue, 3 Apr 2018 13:37:25 -0400 Subject: Functionality changes to the following flags --group-add --blkio-weight-device --device-read-bps --device-write-bps --device-read-iops --device-write-iops --group-add now supports group names as well as the gid associated with them. All the --device flags work now with moderate changes to the code to support both bps and iops. Added tests for all the flags. Signed-off-by: umohnani8 Closes: #590 Approved by: mheon --- pkg/chrootuser/user.go | 5 +++++ pkg/chrootuser/user_linux.go | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) (limited to 'pkg') diff --git a/pkg/chrootuser/user.go b/pkg/chrootuser/user.go index 9be386ef9..22ba5ff8a 100644 --- a/pkg/chrootuser/user.go +++ b/pkg/chrootuser/user.go @@ -69,3 +69,8 @@ func GetUser(rootdir, userspec string) (uint32, uint32, error) { } return 0, 0, err } + +// GetAdditionalGroupsForUser returns a list of gids that userid is associated with +func GetAdditionalGroupsForUser(rootdir string, userid uint64) ([]uint32, error) { + return lookupAdditionalGroupsForUIDInContainer(rootdir, userid) +} diff --git a/pkg/chrootuser/user_linux.go b/pkg/chrootuser/user_linux.go index 2baf9ea33..64ff7cef6 100644 --- a/pkg/chrootuser/user_linux.go +++ b/pkg/chrootuser/user_linux.go @@ -88,6 +88,7 @@ type lookupPasswdEntry struct { type lookupGroupEntry struct { name string gid uint64 + user string } func readWholeLine(rc *bufio.Reader) ([]byte, error) { @@ -153,6 +154,7 @@ func parseNextGroup(rc *bufio.Reader) *lookupGroupEntry { return &lookupGroupEntry{ name: fields[0], gid: gid, + user: fields[3], } } @@ -208,6 +210,36 @@ func lookupGroupForUIDInContainer(rootdir string, userid uint64) (username strin return "", 0, user.UnknownUserError(fmt.Sprintf("error looking up user with UID %d", userid)) } +func lookupAdditionalGroupsForUIDInContainer(rootdir string, userid uint64) (gid []uint32, err error) { + // Get the username associated with userid + username, _, err := lookupGroupForUIDInContainer(rootdir, userid) + if err != nil { + return nil, err + } + + cmd, f, err := openChrootedFile(rootdir, "/etc/group") + if err != nil { + return nil, err + } + defer func() { + _ = cmd.Wait() + }() + rc := bufio.NewReader(f) + defer f.Close() + + lookupGroup.Lock() + defer lookupGroup.Unlock() + + grp := parseNextGroup(rc) + for grp != nil { + if strings.Contains(grp.user, username) { + gid = append(gid, uint32(grp.gid)) + } + grp = parseNextGroup(rc) + } + return gid, nil +} + func lookupGroupInContainer(rootdir, groupname string) (gid uint64, err error) { cmd, f, err := openChrootedFile(rootdir, "/etc/group") if err != nil { -- cgit v1.2.3-54-g00ecf