From a891199b9acc59770554f98c81151f394f900091 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Mon, 21 Nov 2022 15:15:05 +0100
Subject: [PATCH] specgen: honor user namespace value

honor eventual options set in the containers.userns setting in the
containers.conf file, e.g.:

[containers]
userns = "auto:size=8192"

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 pkg/specgen/generate/container_create.go |  7 +++++--
 test/e2e/run_userns_test.go              | 22 +++++++++++++++++++++-
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 8eab0c2853..35928a57fd 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -88,8 +88,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
 			return nil, nil, nil, err
 		}
 		s.UserNS = defaultNS
-
-		mappings, err := util.ParseIDMapping(namespaces.UsernsMode(s.UserNS.NSMode), nil, nil, "", "")
+		value := string(s.UserNS.NSMode)
+		if s.UserNS.Value != "" {
+			value = value + ":" + s.UserNS.Value
+		}
+		mappings, err := util.ParseIDMapping(namespaces.UsernsMode(value), nil, nil, "", "")
 		if err != nil {
 			return nil, nil, nil, err
 		}
diff --git a/test/e2e/run_userns_test.go b/test/e2e/run_userns_test.go
index 27a986a328..12f7276e3c 100644
--- a/test/e2e/run_userns_test.go
+++ b/test/e2e/run_userns_test.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"os"
 	"os/user"
+	"path/filepath"
 	"strings"
 
 	. "github.com/containers/podman/v4/test/utils"
@@ -13,6 +14,19 @@ import (
 	. "github.com/onsi/gomega/gexec"
 )
 
+func createContainersConfFileWithCustomUserns(pTest *PodmanTestIntegration, userns string) {
+	configPath := filepath.Join(pTest.TempDir, "containers.conf")
+	containersConf := []byte(fmt.Sprintf("[containers]\nuserns = \"%s\"\n", userns))
+	err := os.WriteFile(configPath, containersConf, os.ModePerm)
+	Expect(err).To(BeNil())
+
+	// Set custom containers.conf file
+	os.Setenv("CONTAINERS_CONF", configPath)
+	if IsRemote() {
+		pTest.RestartRemoteService()
+	}
+}
+
 var _ = Describe("Podman UserNS support", func() {
 	var (
 		tempdir    string
@@ -39,7 +53,7 @@ var _ = Describe("Podman UserNS support", func() {
 		podmanTest.Cleanup()
 		f := CurrentGinkgoTestDescription()
 		processTestResult(f)
-
+		os.Unsetenv("CONTAINERS_CONF")
 	})
 
 	// Note: Lot of tests for build with --userns=auto are already there in buildah
@@ -211,6 +225,12 @@ var _ = Describe("Podman UserNS support", func() {
 		}
 		// check for no duplicates
 		Expect(m).To(HaveLen(5))
+
+		createContainersConfFileWithCustomUserns(podmanTest, "auto:size=1019")
+		session := podmanTest.Podman([]string{"run", "alpine", "cat", "/proc/self/uid_map"})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+		Expect(session.OutputToString()).To(ContainSubstring("1019"))
 	})
 
 	It("podman --userns=auto:size=%d", func() {