opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-05 14:06:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

specgen: honor user namespace value

Browse Source 
honor eventual options set in the containers.userns setting in the
containers.conf file, e.g.:

[containers]
userns = "auto:size=8192"

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2022-11-21 15:15:05 +01:00
parent 3f76f29adb
commit a891199b9a
2 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/specgen/generate/container_create.go
View File

@ -88,8 +88,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
return nil, nil, nil, err return nil, nil, nil, err
} }
s.UserNS = defaultNS s.UserNS = defaultNS
value := string(s.UserNS.NSMode)
mappings, err := util.ParseIDMapping(namespaces.UsernsMode(s.UserNS.NSMode), nil, nil, "", "") if s.UserNS.Value != "" {
value = value + ":" + s.UserNS.Value
}
mappings, err := util.ParseIDMapping(namespaces.UsernsMode(value), nil, nil, "", "")
if err != nil { if err != nil {
return nil, nil, nil, err return nil, nil, nil, err
} }

22
test/e2e/run_userns_test.go
View File

@ -4,6 +4,7 @@ import (
"fmt" "fmt"
"os" "os"
"os/user" "os/user"
"path/filepath"
"strings" "strings"
. "github.com/containers/podman/v4/test/utils" . "github.com/containers/podman/v4/test/utils"
@ -13,6 +14,19 @@ import (
. "github.com/onsi/gomega/gexec" . "github.com/onsi/gomega/gexec"
) )
func createContainersConfFileWithCustomUserns(pTest *PodmanTestIntegration, userns string) {
configPath := filepath.Join(pTest.TempDir, "containers.conf")
containersConf := []byte(fmt.Sprintf("[containers]\nuserns = \"%s\"\n", userns))
err := os.WriteFile(configPath, containersConf, os.ModePerm)
Expect(err).To(BeNil())
// Set custom containers.conf file
os.Setenv("CONTAINERS_CONF", configPath)
if IsRemote() {
pTest.RestartRemoteService()
}
}
var _ = Describe("Podman UserNS support", func() { var _ = Describe("Podman UserNS support", func() {
var ( var (
tempdir string tempdir string
@ -39,7 +53,7 @@ var _ = Describe("Podman UserNS support", func() {
podmanTest.Cleanup() podmanTest.Cleanup()
f := CurrentGinkgoTestDescription() f := CurrentGinkgoTestDescription()
processTestResult(f) processTestResult(f)
os.Unsetenv("CONTAINERS_CONF")
}) })
// Note: Lot of tests for build with --userns=auto are already there in buildah // Note: Lot of tests for build with --userns=auto are already there in buildah
@ -211,6 +225,12 @@ var _ = Describe("Podman UserNS support", func() {
} }
// check for no duplicates // check for no duplicates
Expect(m).To(HaveLen(5)) Expect(m).To(HaveLen(5))
createContainersConfFileWithCustomUserns(podmanTest, "auto:size=1019")
session := podmanTest.Podman([]string{"run", "alpine", "cat", "/proc/self/uid_map"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).To(ContainSubstring("1019"))
}) })
It("podman --userns=auto:size=%d", func() { It("podman --userns=auto:size=%d", func() {