opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-02 10:46:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: uid/gid for volume mounted to existing dir

Browse Source 
If mounting to existing directory the uid/gid should be preserved.
Primary uid/gid of container shouldn't be used.

Signed-off-by: Matej Vasek <mvasek@redhat.com>
This commit is contained in:
Matej Vasek
2021-07-12 14:56:55 +02:00
parent bef1f03d3c
commit 6cac65c841
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libpod/container_internal_linux.go
View File

@ -2490,6 +2490,11 @@ func (c *Container) fixVolumePermissions(v *ContainerNamedVolume) error {
// https://github.com/containers/podman/issues/10188 // https://github.com/containers/podman/issues/10188
st, err := os.Lstat(filepath.Join(c.state.Mountpoint, v.Dest)) st, err := os.Lstat(filepath.Join(c.state.Mountpoint, v.Dest))
if err == nil { if err == nil {
if stat, ok := st.Sys().(*syscall.Stat_t); ok {
if err := os.Lchown(mountPoint, int(stat.Uid), int(stat.Gid)); err != nil {
return err
}
}
if err := os.Chmod(mountPoint, st.Mode()|0111); err != nil { if err := os.Chmod(mountPoint, st.Mode()|0111); err != nil {
return err return err
} }

14
test/python/docker/compat/test_containers.py
View File

@ -7,6 +7,7 @@ from typing import IO, Optional
from docker import DockerClient, errors from docker import DockerClient, errors
from docker.models.containers import Container from docker.models.containers import Container
from docker.models.images import Image
from test.python.docker import Podman from test.python.docker import Podman
from test.python.docker.compat import common, constant from test.python.docker.compat import common, constant
@ -237,3 +238,16 @@ class TestContainers(unittest.TestCase):
if ctr is not None: if ctr is not None:
ctr.stop() ctr.stop()
ctr.remove() ctr.remove()
def test_mount_preexisting_dir(self):
dockerfile = (B'FROM quay.io/libpod/alpine:latest\n'
B'USER root\n'
B'RUN mkdir -p /workspace\n'
B'RUN chown 1042:1043 /workspace')
img: Image
img, out = self.client.images.build(fileobj=io.BytesIO(dockerfile))
ctr: Container = self.client.containers.create(image=img.id, detach=True, command="top",
volumes=["test_mount_preexisting_dir_vol:/workspace"])
ctr.start()
ret, out = ctr.exec_run(["stat", "-c", "%u:%g", "/workspace"])
self.assertTrue(out.startswith(b'1042:1043'), "assert correct uid/gid")