volumes: Fix idmap not working for volumes

idmap is documented as supported for volumes, but it was not added to
the getNamedVolume() function.

Fixes: e83d36665 ("volumes: add new option idmap")
Signed-off-by: Kristian Klausen <kristian@klausen.dk>

pkg/specgenutil/volumes.go

@@ -584,6 +584,12 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
 			}
 			newVolume.Dest = unixPathClean(kv[1])
 			setDest = true
+		case "idmap":
+			if len(kv) > 1 {
+				newVolume.Options = append(newVolume.Options, fmt.Sprintf("idmap=%s", kv[1]))
+			} else {
+				newVolume.Options = append(newVolume.Options, "idmap")
+			}
 		case "U", "chown":
 			if setOwnership {
 				return newVolume, fmt.Errorf("cannot pass 'U' or 'chown' option more than once: %w", errOptionArg)

test/e2e/run_userns_test.go

@@ -94,6 +94,16 @@ var _ = Describe("Podman UserNS support", func() {
 		Expect(session.OutputToString()).To(ContainSubstring("hello"))
 	})
 
+	It("podman uidmapping and gidmapping with a idmapped volume", func() {
+		session := podmanTest.Podman([]string{"run", "--uidmap=0:1:500", "--gidmap=0:200:5000", "-v", "my-foo-volume:/foo:Z,idmap", "alpine", "echo", "hello"})
+		session.WaitWithDefaultTimeout()
+		if strings.Contains(session.ErrorToString(), "Operation not permitted") {
+			Skip("not sufficiently privileged")
+		}
+		Expect(session).Should(Exit(0))
+		Expect(session.OutputToString()).To(ContainSubstring("hello"))
+	})
+
 	It("podman uidmapping and gidmapping --net=host", func() {
 		session := podmanTest.Podman([]string{"run", "--net=host", "--uidmap=0:1:5000", "--gidmap=0:200:5000", "alpine", "echo", "hello"})
 		session.WaitWithDefaultTimeout()