From 816c7279e132016c3a26d44097c4203381911468 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Mon, 18 Mar 2024 22:16:58 +0100
Subject: [PATCH] utils: do not generate duplicate range do not generate a duplicated range when --userns=keep-id:uid=0 or --userns=keep-id:gid=0 are used.
Closes: https://github.com/containers/podman/issues/22078
Signed-off-by: Giuseppe Scrivano
---
 pkg/util/utils.go | 4 ++--
 pkg/util/utils_test.go | 14 ++++++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index f36dc45764..2170911552 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -195,7 +195,7 @@ func getRootlessKeepIDMapping(uid, gid int, uids, gids []idtools.IDMap) (*stypes
 options.UIDMap, options.GIDMap = nil, nil
- if len(uids) > 0 {
+ if len(uids) > 0 && uid != 0 {
 options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(uid, maxUID)})
 }
 options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid, HostID: 0, Size: 1})
@@ -203,7 +203,7 @@ func getRootlessKeepIDMapping(uid, gid int, uids, gids []idtools.IDMap) (*stypes
 options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid})
 }
- if len(gids) > 0 {
+ if len(gids) > 0 && gid != 0 {
 options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(gid, maxGID)})
 }
 options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid, HostID: 0, Size: 1})
diff --git a/pkg/util/utils_test.go b/pkg/util/utils_test.go
index cb13c49fa6..36670caf17 100644
--- a/pkg/util/utils_test.go
+++ b/pkg/util/utils_test.go
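Review bot: In pkg/util/utils.go the new guards `uid != 0` (first hunk) and `gid != 0` (second hunk) test the one reported input rather than the property the mapping needs, which is that no leading range with a size of zero or less is appended. The size is `min(uid, maxUID)`, so it is still non-positive if `maxUID` is 0 while `uids` is non-empty, or if `uid` is negative; whether either can reach this function is not visible here, because the computation of `maxUID` and the parsing of the keep-id value lie outside the hunks. Guarding on the computed size covers all of these cases: `if size := min(uid, maxUID); len(uids) > 0 && size > 0 {` with `Size: size` in the literal, and the same for `gid`/`maxGID`. A short comment such as `// skip the leading range when it would be empty; container ID 0 is mapped by the single-ID entry below` would also record why the case is excluded, which matters because these maps decide which host IDs the container can reach.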
@@ -612,6 +612,20 @@ func TestGetRootlessKeepIDMapping(t *testing.T) {
 expectedUID: 1000,
 expectedGID: 1000,
 },
+ {
+ uid: 0,
+ gid: 0,
+ uids: []idtools.IDMap{{ContainerID: 0, HostID: 100000, Size: 65536}},
+ gids: []idtools.IDMap{{ContainerID: 0, HostID: 100000, Size: 65536}},
+ expectedOptions: &stypes.IDMappingOptions{
+ HostUIDMapping: false,
+ HostGIDMapping: false,
+ UIDMap: []idtools.IDMap{{ContainerID: 0, HostID: 0, Size: 1}, {ContainerID: 1, HostID: 1, Size: 65536}},
+ GIDMap: []idtools.IDMap{{ContainerID: 0, HostID: 0, Size: 1}, {ContainerID: 1, HostID: 1, Size: 65536}},
+ },
+ expectedUID: 0,
+ expectedGID: 0,
+ },
 }
 for _, test := range tests {
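Review bot: The added case sets `uid: 0` and `gid: 0` together, so it never exercises the two guards in getRootlessKeepIDMapping independently, although the commit message names `keep-id:uid=0` and `keep-id:gid=0` as separate triggers. A case with only one of them zero (for example `uid: 0` with `gid: 1000`) would catch a regression in either guard on its own. Asserting in the loop that no entry of `UIDMap` or `GIDMap` has `Size: 0` would pin the invariant directly rather than through one expected literal. The test table and the loop body continue outside the hunk, so existing cases may already cover part of this.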