opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 03:19:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

podman: do not use Chown in rootless mode

Browse Source 
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #871
Approved by: mheon
This commit is contained in:
Giuseppe Scrivano
2018-06-01 13:24:17 +02:00
committed by Atomic Bot
parent c976d49805
commit 5e699e28a7
1 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
libpod/container_internal.go
View File

@ -231,7 +231,7 @@ func (c *Container) setupStorage(ctx context.Context) error {
return errors.Wrapf(err, "error creating container storage")
}
if len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0 {
if os.Getuid() == 0 && (len(c.config.IDMappings.UIDMap) != 0 || len(c.config.IDMappings.GIDMap) != 0) {
info, err := os.Stat(c.runtime.config.TmpDir)
if err != nil {
return errors.Wrapf(err, "cannot stat `%s`", c.runtime.config.TmpDir)
@ -935,8 +935,10 @@ func (c *Container) postDeleteHooks(ctx context.Context) (err error) {
// Make standard bind mounts to include in the container
func (c *Container) makeBindMounts() error {
if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil {
return errors.Wrapf(err, "error chown %s", c.state.RunDir)
if os.Getuid() == 0 {
if err := os.Chown(c.state.RunDir, c.RootUID(), c.RootGID()); err != nil {
return errors.Wrapf(err, "cannot chown run directory %s", c.state.RunDir)
}
}
if c.state.BindMounts == nil {
@ -1013,8 +1015,10 @@ func (c *Container) writeStringToRundir(destFile, output string) (string, error)
return "", errors.Wrapf(err, "unable to create %s", destFileName)
}
defer f.Close()
if err := f.Chown(c.RootUID(), c.RootGID()); err != nil {
return "", err
if os.Getuid() == 0 {
if err := f.Chown(c.RootUID(), c.RootGID()); err != nil {
return "", err
}
}
if _, err := f.WriteString(output); err != nil {