From 30bd8ed506cd497d7790e6e4cc7258c043cc9315 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 5 Oct 2020 08:34:48 -0400 Subject: [PATCH] Fix handling of CheckRootlessUIDRange If I have multiple ranges of UIDs specified in the /etc/subuid, this check blows up and incorrectly blocks the use of --user flag. Signed-off-by: Daniel J Walsh --- pkg/util/utils_linux.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkg/util/utils_linux.go b/pkg/util/utils_linux.go index 29b16f7650..e4957f4424 100644 --- a/pkg/util/utils_linux.go +++ b/pkg/util/utils_linux.go @@ -60,11 +60,12 @@ func CheckRootlessUIDRange(uid int) error { if err != nil { return err } + total := 0 for _, u := range uids { - // add 1 since we also map in the user's own UID - if uid > u.Size+1 { - return errors.Errorf("requested user's UID %d is too large for the rootless user namespace", uid) - } + total += u.Size + } + if uid > total { + return errors.Errorf("requested user's UID %d is too large for the rootless user namespace", uid) } return nil }