opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-23 02:18:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6743 from giuseppe/specify-mappings-to-storage

Browse Source 
libpod: specify mappings to the storage
This commit is contained in:
OpenShift Merge Robot
2020-06-24 09:21:41 -04:00
committed by GitHub
parent 0d26b8f24b 370195cf78
commit 3df30ef358
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
libpod/container_internal.go
View File

@ -22,6 +22,7 @@ import (
"github.com/containers/libpod/pkg/selinux" "github.com/containers/libpod/pkg/selinux"
"github.com/containers/storage" "github.com/containers/storage"
"github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/idtools"
"github.com/containers/storage/pkg/mount" "github.com/containers/storage/pkg/mount"
securejoin "github.com/cyphar/filepath-securejoin" securejoin "github.com/cyphar/filepath-securejoin"
spec "github.com/opencontainers/runtime-spec/specs-go" spec "github.com/opencontainers/runtime-spec/specs-go"
@ -360,6 +361,25 @@ func (c *Container) setupStorageMapping(dest, from *storage.IDMappingOptions) {
} }
dest.AutoUserNsOpts.InitialSize = initialSize + 1 dest.AutoUserNsOpts.InitialSize = initialSize + 1
} }
} else if c.config.Spec.Linux != nil {
dest.UIDMap = nil
for _, r := range c.config.Spec.Linux.UIDMappings {
u := idtools.IDMap{
ContainerID: int(r.ContainerID),
HostID: int(r.HostID),
Size: int(r.Size),
}
dest.UIDMap = append(dest.UIDMap, u)
}
dest.GIDMap = nil
for _, r := range c.config.Spec.Linux.GIDMappings {
g := idtools.IDMap{
ContainerID: int(r.ContainerID),
HostID: int(r.HostID),
Size: int(r.Size),
}
dest.GIDMap = append(dest.GIDMap, g)
}
} }
} }

7
test/e2e/run_userns_test.go
View File

@ -89,6 +89,13 @@ var _ = Describe("Podman UserNS support", func() {
Expect(ok).To(BeTrue()) Expect(ok).To(BeTrue())
}) })
It("podman --userns=keep-id root owns /usr", func() {
session := podmanTest.Podman([]string{"run", "--userns=keep-id", "alpine", "stat", "-c%u", "/usr"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(Equal("0"))
})
It("podman --userns=keep-id --user root:root", func() { It("podman --userns=keep-id --user root:root", func() {
session := podmanTest.Podman([]string{"run", "--userns=keep-id", "--user", "root:root", "alpine", "id", "-u"}) session := podmanTest.Podman([]string{"run", "--userns=keep-id", "--user", "root:root", "alpine", "id", "-u"})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()