specgen: honor user namespace value

honor eventual options set in the containers.userns setting in the containers.conf file, e.g.: [containers] userns = "auto:size=8192" Signed-off-by: Giuseppe Scrivano <[email protected]>
containers · Nov 21, 2022 · a891199 · a891199
1 parent 3f76f29
commit a891199
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 3 deletions.
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
@@ -88,8 +88,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 			return nil, nil, nil, err
 		}
 		s.UserNS = defaultNS
-
-		mappings, err := util.ParseIDMapping(namespaces.UsernsMode(s.UserNS.NSMode), nil, nil, "", "")
+		value := string(s.UserNS.NSMode)
+		if s.UserNS.Value != "" {
+			value = value + ":" + s.UserNS.Value
+		}
+		mappings, err := util.ParseIDMapping(namespaces.UsernsMode(value), nil, nil, "", "")
 		if err != nil {
 			return nil, nil, nil, err
 		}

diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"os"
 	"os/user"
+	"path/filepath"
 	"strings"
 
 	. "github.com/containers/podman/v4/test/utils"
@@ -13,6 +14,19 @@ import (
 	. "github.com/onsi/gomega/gexec"
 )
 
+func createContainersConfFileWithCustomUserns(pTest *PodmanTestIntegration, userns string) {
+	configPath := filepath.Join(pTest.TempDir, "containers.conf")
+	containersConf := []byte(fmt.Sprintf("[containers]\nuserns = \"%s\"\n", userns))
+	err := os.WriteFile(configPath, containersConf, os.ModePerm)
+	Expect(err).To(BeNil())
+
+	// Set custom containers.conf file
+	os.Setenv("CONTAINERS_CONF", configPath)
+	if IsRemote() {
+		pTest.RestartRemoteService()
+	}
+}
+
 var _ = Describe("Podman UserNS support", func() {
 	var (
 		tempdir    string
@@ -39,7 +53,7 @@ var _ = Describe("Podman UserNS support", func() {
 		podmanTest.Cleanup()
 		f := CurrentGinkgoTestDescription()
 		processTestResult(f)
-
+		os.Unsetenv("CONTAINERS_CONF")
 	})
 
 	// Note: Lot of tests for build with --userns=auto are already there in buildah
@@ -211,6 +225,12 @@ var _ = Describe("Podman UserNS support", func() {
 		}
 		// check for no duplicates
 		Expect(m).To(HaveLen(5))
+
+		createContainersConfFileWithCustomUserns(podmanTest, "auto:size=1019")
+		session := podmanTest.Podman([]string{"run", "alpine", "cat", "/proc/self/uid_map"})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+		Expect(session.OutputToString()).To(ContainSubstring("1019"))
 	})
 
 	It("podman --userns=auto:size=%d", func() {