opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-03 20:33:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

specgen: honor user namespace value

Browse Source 
honor eventual options set in the containers.userns setting in the
containers.conf file, e.g.:

[containers]
userns = "auto:size=8192"

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2022-11-21 15:15:05 +01:00
parent 3f76f29adb
commit a891199b9a
2 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/specgen/generate/container_create.go
View File

@ -88,8 +88,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
return nil, nil, nil, err
}
s.UserNS = defaultNS
mappings, err := util.ParseIDMapping(namespaces.UsernsMode(s.UserNS.NSMode), nil, nil, "", "")
value := string(s.UserNS.NSMode)
if s.UserNS.Value != "" {
value = value + ":" + s.UserNS.Value
}
mappings, err := util.ParseIDMapping(namespaces.UsernsMode(value), nil, nil, "", "")
if err != nil {
return nil, nil, nil, err
}

22
test/e2e/run_userns_test.go
View File

@ -4,6 +4,7 @@ import (
"fmt"
"os"
"os/user"
"path/filepath"
"strings"
. "github.com/containers/podman/v4/test/utils"
@ -13,6 +14,19 @@ import (
. "github.com/onsi/gomega/gexec"
)
func createContainersConfFileWithCustomUserns(pTest *PodmanTestIntegration, userns string) {
configPath := filepath.Join(pTest.TempDir, "containers.conf")
containersConf := []byte(fmt.Sprintf("[containers]\nuserns = \"%s\"\n", userns))
err := os.WriteFile(configPath, containersConf, os.ModePerm)
Expect(err).To(BeNil())
// Set custom containers.conf file
os.Setenv("CONTAINERS_CONF", configPath)
if IsRemote() {
pTest.RestartRemoteService()
}
}
var _ = Describe("Podman UserNS support", func() {
var (
tempdir string
@ -39,7 +53,7 @@ var _ = Describe("Podman UserNS support", func() {
podmanTest.Cleanup()
f := CurrentGinkgoTestDescription()
processTestResult(f)
os.Unsetenv("CONTAINERS_CONF")
})
// Note: Lot of tests for build with --userns=auto are already there in buildah
@ -211,6 +225,12 @@ var _ = Describe("Podman UserNS support", func() {
}
// check for no duplicates
Expect(m).To(HaveLen(5))
createContainersConfFileWithCustomUserns(podmanTest, "auto:size=1019")
session := podmanTest.Podman([]string{"run", "alpine", "cat", "/proc/self/uid_map"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).To(ContainSubstring("1019"))
})
It("podman --userns=auto:size=%d", func() {