opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-11 16:26:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Quadlet - make sure the /etc/containers/systemd/users is traversed in rootless

Browse Source 
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
This commit is contained in:
Ygal Blum
2024-12-10 15:33:10 -05:00
parent 564b8f338e
commit 0b3ad66a78
2 changed files with 33 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/quadlet/main.go
View File

@ -186,9 +186,9 @@ func getRootlessDirs(paths *searchPaths, nonNumericFilter, userLevelFilter func(
appendSubPaths(paths, filepath.Join(quadlet.UnitDirAdmin, "users", u.Uid), true, userLevelFilter)
} else {
fmt.Fprintf(os.Stderr, "Warning: %v", err)
// Add the base directory even if the UID was not found
paths.Add(filepath.Join(quadlet.UnitDirAdmin, "users"))
}
paths.Add(filepath.Join(quadlet.UnitDirAdmin, "users"))
}
func getRootDirs(paths *searchPaths, userLevelFilter func(string, bool) bool) {
@ -279,6 +279,10 @@ func getNonNumericFilter(resolvedUnitDirAdminUser string, systemUserDirLevel int
// ignore sub dirs under the `users` directory which correspond to a user id
if strings.HasPrefix(path, resolvedUnitDirAdminUser) {
listDirUserPathLevels := strings.Split(path, string(os.PathSeparator))
// Make sure to add the base directory
if len(listDirUserPathLevels) == systemUserDirLevel {
return true
}
if len(listDirUserPathLevels) > systemUserDirLevel {
if !(regexp.MustCompile(`^[0-9]*$`).MatchString(listDirUserPathLevels[systemUserDirLevel])) {
return true