From f6d00ea6ef977bbaf167d1187d1e4e43632f6b5c Mon Sep 17 00:00:00 2001
From: cdoern <cdoern@redhat.com>
Date: Sun, 21 Nov 2021 22:48:32 -0500
Subject: podman image scp never enter podman user NS

Podman image scp should never enter the Podman UserNS unless it needs to. This allows for
a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo,
the simple sudo podman save/load does not work, machinectl/su is necessary here.

This modification allows for both rootful and rootless transfers, and an overall change of scp to be
more of a wrapper function for different load and save calls as well as the ssh component

Signed-off-by: cdoern <cdoern@redhat.com>
---
 utils/utils.go | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'utils')

diff --git a/utils/utils.go b/utils/utils.go
index 095370a08..d1374a39a 100644
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -224,3 +224,12 @@ func MovePauseProcessToScope(pausePidPath string) {
 		}
 	}
 }
+
+// CreateSCPCommand takes an existing command, appends the given arguments and returns a configured podman command for image scp
+func CreateSCPCommand(cmd *exec.Cmd, command []string) *exec.Cmd {
+	cmd.Args = append(cmd.Args, command...)
+	cmd.Env = os.Environ()
+	cmd.Stderr = os.Stderr
+	cmd.Stdout = os.Stdout
+	return cmd
+}
-- 
cgit v1.2.3-54-g00ecf