opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-20 00:27:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

libpod: avoid chowning the rundir to root in the userns

Browse Source 
so it is possible to remove the code to make the entire directory
world accessible.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2024-06-18 23:09:55 +02:00
parent c81f075f43
commit 08a8429459
3 changed files with 0 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libpod/container_internal.go
View File

@ -544,16 +544,6 @@ func (c *Container) setupStorage(ctx context.Context) error {
c.config.StaticDir = containerInfo.Dir
c.state.RunDir = containerInfo.RunDir
if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 {
if err := idtools.SafeChown(containerInfo.RunDir, c.RootUID(), c.RootGID()); err != nil {
return err
}
if err := idtools.SafeChown(containerInfo.Dir, c.RootUID(), c.RootGID()); err != nil {
return err
}
}
// Set the default Entrypoint and Command
if containerInfo.Config != nil {
// Set CMD in the container to the default configuration only if ENTRYPOINT is not set by the user.