Skip to content
This repository has been archived by the owner on Dec 13, 2018. It is now read-only.

Commit

Permalink
Rebases to master.
Browse files Browse the repository at this point in the history 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com> (github: mrunalp)
  • Loading branch information
@mrunalp
mrunalp committed Jan 5, 2015
1 parent 285c771 commit dd5e8e0
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 26 deletions.
36 changes: 16 additions & 20 deletions namespaces/exec.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,17 +166,15 @@ func hostIDFromMapping(containerID int, uMap []libcontainer.IDMap) (int, bool) {
// when user namespaces are enabled.
func GetHostRootUid(container *libcontainer.Config) (int, error) {
hostRootUid := 0
for _, v := range container.Namespaces {
if v.Name == "NEWUSER" {
if container.UidMappings == nil {
return -1, fmt.Errorf("User namespaces enabled, but no user mappings found.")
}
hostRootUid, found := hostIDFromMapping(0, container.UidMappings)
if !found {
return -1, fmt.Errorf("User namespaces enabled, but no root user mapping found.")
} else {
return hostRootUid, nil
}
if container.Namespaces.Contains(libcontainer.NEWUSER) {
if container.UidMappings == nil {
return -1, fmt.Errorf("User namespaces enabled, but no user mappings found.")
}
hostRootUid, found := hostIDFromMapping(0, container.UidMappings)
if !found {
return -1, fmt.Errorf("User namespaces enabled, but no root user mapping found.")
} else {
return hostRootUid, nil
}
}

Expand Down Expand Up @@ -234,16 +232,14 @@ func DefaultCreateCommand(container *libcontainer.Config, console, dataPath, ini
command.SysProcAttr.Pdeathsig = syscall.SIGKILL
command.ExtraFiles = []*os.File{pipe}

for _, v := range container.Namespaces {
if v.Name == "NEWUSER" {
if container.UidMappings != nil || container.GidMappings != nil {
AddUidGidMappings(command.SysProcAttr, container)
}
if container.Namespaces.Contains(libcontainer.NEWUSER) {
if container.UidMappings != nil || container.GidMappings != nil {
AddUidGidMappings(command.SysProcAttr, container)
}

// Default to root user when user namespaces are enabled.
if command.SysProcAttr.Credential == nil {
command.SysProcAttr.Credential = &syscall.Credential{}
}
// Default to root user when user namespaces are enabled.
if command.SysProcAttr.Credential == nil {
command.SysProcAttr.Credential = &syscall.Credential{}
}
}

Expand Down
12 changes: 6 additions & 6 deletions sample_configs/userns.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,12 +182,12 @@
],
"hostname": "koye",
"namespaces": [
{"name": "NEWIPC"},
{"name": "NEWNET"},
{"name": "NEWNS"},
{"name": "NEWPID"},
{"name": "NEWUTS"},
{"name": "NEWUSER"}
{"type": "NEWIPC"},
{"type": "NEWNET"},
{"type": "NEWNS"},
{"type": "NEWPID"},
{"type": "NEWUTS"},
{"type": "NEWUSER"}
],
"networks": [
{
Expand Down

0 comments on commit dd5e8e0

Please sign in to comment.