From e015c9e3f74153ef069bfbb013e715766e793bf9 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Fri, 19 Aug 2022 15:15:47 +0200 Subject: podman: add uid and gid options to keep-id add two new options to the keep-id user namespace option: - uid: allow to override the UID used inside the container. - gid: allow to override the GID used inside the container. For example, the following command will map the rootless user (that has UID=0 inside the rootless user namespace) to the UID=11 inside the container user namespace: $ podman run --userns=keep-id:uid=11 --rm -ti fedora cat /proc/self/uid_map 0 1 11 11 0 1 12 12 65525 Closes: https://github.com/containers/podman/issues/15294 Signed-off-by: Giuseppe Scrivano --- test/e2e/run_userns_test.go | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'test/e2e') diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go index 62e512d3a..016f67bf6 100644 --- a/test/e2e/run_userns_test.go +++ b/test/e2e/run_userns_test.go @@ -113,6 +113,16 @@ var _ = Describe("Podman UserNS support", func() { Expect(session).Should(Exit(0)) uid := fmt.Sprintf("%d", os.Geteuid()) Expect(session.OutputToString()).To(ContainSubstring(uid)) + + session = podmanTest.Podman([]string{"run", "--userns=keep-id:uid=10,gid=12", "alpine", "sh", "-c", "echo $(id -u):$(id -g)"}) + session.WaitWithDefaultTimeout() + if os.Geteuid() == 0 { + Expect(session).Should(Exit(125)) + return + } + + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("10:12")) }) It("podman --userns=keep-id check passwd", func() { -- cgit v1.2.3-54-g00ecf