utils: move rootless code to a new function

This is a preparatory patch.  It should not change functionality.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Giuseppe Scrivano
2024-03-18 21:53:08 +01:00
parent 8d02d8a96b
commit cda3dc83d8


@ -180,14 +180,47 @@ func ParseSignal(rawSignal string) (syscall.Signal, error) {
return sig, nil return sig, nil
} }
// GetKeepIDMapping returns the mappings and the user to use when keep-id is used func getRootlessKeepIDMapping(uid, gid int, uids, gids []idtools.IDMap) (*stypes.IDMappingOptions, int, int, error) {
func GetKeepIDMapping(opts *namespaces.KeepIDUserNsOptions) (*stypes.IDMappingOptions, int, int, error) {
options := stypes.IDMappingOptions{ options := stypes.IDMappingOptions{
HostUIDMapping: false, HostUIDMapping: false,
HostGIDMapping: false, HostGIDMapping: false,
} }
maxUID, maxGID := 0, 0
for _, u := range uids {
maxUID += u.Size
}
for _, g := range gids {
maxGID += g.Size
}
options.UIDMap, options.GIDMap = nil, nil
if len(uids) > 0 {
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(uid, maxUID)})
}
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid, HostID: 0, Size: 1})
if maxUID > uid {
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid})
}
if len(gids) > 0 {
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(gid, maxGID)})
}
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid, HostID: 0, Size: 1})
if maxGID > gid {
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid})
}
return &options, uid, gid, nil
}
// GetKeepIDMapping returns the mappings and the user to use when keep-id is used
func GetKeepIDMapping(opts *namespaces.KeepIDUserNsOptions) (*stypes.IDMappingOptions, int, int, error) {
if !rootless.IsRootless() { if !rootless.IsRootless() {
options := stypes.IDMappingOptions{
HostUIDMapping: false,
HostGIDMapping: false,
}
uids, err := rootless.ReadMappingsProc("/proc/self/uid_map") uids, err := rootless.ReadMappingsProc("/proc/self/uid_map")
if err != nil { if err != nil {
return nil, 0, 0, err return nil, 0, 0, err
@ -224,33 +257,7 @@ func GetKeepIDMapping(opts *namespaces.KeepIDUserNsOptions) (*stypes.IDMappingOp
return nil, -1, -1, fmt.Errorf("cannot read mappings: %w", err) return nil, -1, -1, fmt.Errorf("cannot read mappings: %w", err)
} }
maxUID, maxGID := 0, 0 return getRootlessKeepIDMapping(uid, gid, uids, gids)
for _, u := range uids {
maxUID += u.Size
}
for _, g := range gids {
maxGID += g.Size
}
options.UIDMap, options.GIDMap = nil, nil
if len(uids) > 0 {
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(uid, maxUID)})
}
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid, HostID: 0, Size: 1})
if maxUID > uid {
options.UIDMap = append(options.UIDMap, idtools.IDMap{ContainerID: uid + 1, HostID: uid + 1, Size: maxUID - uid})
}
if len(gids) > 0 {
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: 0, HostID: 1, Size: min(gid, maxGID)})
}
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid, HostID: 0, Size: 1})
if maxGID > gid {
options.GIDMap = append(options.GIDMap, idtools.IDMap{ContainerID: gid + 1, HostID: gid + 1, Size: maxGID - gid})
}
return &options, uid, gid, nil
} }
// GetNoMapMapping returns the mappings and the user to use when nomap is used // GetNoMapMapping returns the mappings and the user to use when nomap is used
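Review bot: The extracted helper `getRootlessKeepIDMapping` has no doc comment, and its ID-map entries are hard to audit without one, since `HostID: 0` and `HostID: 1` appear to be IDs inside the rootless user namespace rather than real host IDs. I would add above the signature `// getRootlessKeepIDMapping builds the keep-id maps: the container uid/gid maps to ID 0 of the parent namespace, lower IDs are shifted up by one, higher IDs map one-to-one.` The comment should also state the precondition on `uid` and `gid`: with a non-empty `uids` and `uid == 0`, the first entry gets `Size: min(uid, maxUID)`, which is 0, and a zero-length mapping is likely to be rejected when it is applied; the same holds for `gid`. The helper always returns a nil error, so callers cannot currently learn about such a case from it. The middle of `GetKeepIDMapping` lies between the two hunks and is not visible here, so whether `uid` can be 0 on this path should be confirmed against it.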