opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-25 20:26:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8013 from rhatdan/homedir

Browse Source 
Setup HOME environment when using --userns=keep-id
This commit is contained in:
OpenShift Merge Robot
2020-10-15 05:09:40 -04:00
committed by GitHub
parent e4f6a1afae 6ca8067956
commit 41eda417fe
2 changed files with 39 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
libpod/container_internal_linux.go
View File

@ -1717,11 +1717,35 @@ func (c *Container) generateCurrentUserPasswdEntry() (string, int, int, error) {
// If the user's actual home directory exists, or was mounted in - use // If the user's actual home directory exists, or was mounted in - use
// that. // that.
homeDir := c.WorkingDir() homeDir := c.WorkingDir()
if MountExists(c.config.Spec.Mounts, u.HomeDir) { hDir := u.HomeDir
homeDir = u.HomeDir for hDir != "/" {
if MountExists(c.config.Spec.Mounts, hDir) {
homeDir = u.HomeDir
break
}
hDir = filepath.Dir(hDir)
}
if homeDir != u.HomeDir {
for _, hDir := range c.UserVolumes() {
if hDir == u.HomeDir {
homeDir = u.HomeDir
break
}
}
}
// Set HOME environment if not already set
hasHomeSet := false
for _, s := range c.config.Spec.Process.Env {
if strings.HasPrefix(s, "HOME=") {
hasHomeSet = true
break
}
}
if !hasHomeSet {
c.config.Spec.Process.Env = append(c.config.Spec.Process.Env, fmt.Sprintf("HOME=%s", homeDir))
} }
return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Username, homeDir), uid, rootless.GetRootlessGID(), nil return fmt.Sprintf("%s:*:%s:%s:%s:%s:/bin/sh\n", u.Username, u.Uid, u.Gid, u.Name, homeDir), uid, rootless.GetRootlessGID(), nil
} }
// generateUserPasswdEntry generates an /etc/passwd entry for the container user // generateUserPasswdEntry generates an /etc/passwd entry for the container user

12
test/e2e/toolbox_test.go
View File

@ -365,4 +365,16 @@ var _ = Describe("Toolbox-specific testing", func() {
Expect(session.ExitCode()).To(Equal(0)) Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring("READY")) Expect(session.OutputToString()).To(ContainSubstring("READY"))
}) })
It("podman run --userns=keep-id check $HOME", func() {
var session *PodmanSessionIntegration
currentUser, err := user.Current()
Expect(err).To(BeNil())
session = podmanTest.Podman([]string{"run", "-v", fmt.Sprintf("%s:%s", currentUser.HomeDir, currentUser.HomeDir), "--userns=keep-id", fedoraToolbox, "sh", "-c", "echo $HOME"})
session.WaitWithDefaultTimeout()
Expect(session.ExitCode()).To(Equal(0))
Expect(session.OutputToString()).To(ContainSubstring(currentUser.HomeDir))
})
}) })