Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use container user details to create new volumes. Fixes #5698 #6262

Closed
wants to merge 1 commit into from
Closed

Use container user details to create new volumes. Fixes #5698 #6262

wants to merge 1 commit into from

Conversation

sujil02
Copy link
Member

@sujil02 sujil02 commented May 18, 2020
edited by QiWang19
Loading

Use container user details to create new volumes.
Adds relevant test cases.

Adds relevant test cases.

Fixes #5698

Signed-off-by: Sujil02 [email protected]

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: sujil02
To complete the pull request process, please assign jwhonce
You can assign the PR to them by writing /assign @jwhonce in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@sujil02 sujil02 force-pushed the user-kepid branch 2 times, most recently from 746db38 to addd7ee Compare May 18, 2020 13:04
mheon
mheon reviewed May 18, 2020
View reviewed changes
libpod/runtime_ctr.go
if err != nil {
volOptions = []VolumeCreateOption{WithVolumeName(vol.Name), WithVolumeUID(int(uid)), WithVolumeGID(int(gid))}
} else {
volOptions = []VolumeCreateOption{WithVolumeName(vol.Name), WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID())}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the fallback here? Do we expect this to fail?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems like this might be to handle cases where ctr.config.User is unset, but we should explicitly handle that case, not do a catch-all for errors.

@sujil02 sujil02 force-pushed the user-kepid branch 2 times, most recently from 5ed8d26 to c49c434 Compare May 18, 2020 20:10
@sujil02
Use container user details to create new volume.
e2f43b1 
Adds the Use container user details to create new volume while running a container
Also Adds relevant test cases.

Signed-off-by: Sujil02 <[email protected]>
mheon
mheon reviewed May 19, 2020
View reviewed changes
libpod/runtime_ctr.go
if ctr.config.User == "" {
volOptions = []VolumeCreateOption{WithVolumeName(vol.Name), WithVolumeUID(ctr.RootUID()), WithVolumeGID(ctr.RootGID())}
} else {
uid, gid, _, err := chrootuser.GetUser(ctr.state.Mountpoint, ctr.config.User)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking at this further, we aren't actually mounted when this call happens. We need to mount the container first, then immediately unmount after this finishes.

@rhatdan
Copy link
Member

rhatdan commented Jun 9, 2020

@sujil02 What is the state of this PR? Lets get this finished, to close the issue.

@sujil02
Copy link
Member Author

sujil02 commented Jun 11, 2020

@sujil02 What is the state of this PR? Lets get this finished, to close the issue.

Yes i am working on this

@vrothberg
Copy link
Member

Friendly ping. @sujil02, are you willing to tackle this beyond the internship?

@rhatdan
Copy link
Member

rhatdan commented Jun 23, 2020

@vrothberg Could you take this over, since it fixes a bug. We need to get it done.

@vrothberg
Copy link
Member

@vrothberg Could you take this over, since it fixes a bug. We need to get it done.

Will do. Thanks a lot for your great work, @sujil02 !

@vrothberg vrothberg closed this Jun 23, 2020
@sujil02
Copy link
Member Author

sujil02 commented Jun 24, 2020

Friendly ping. @sujil02, are you willing to tackle this beyond the internship?

@vrothberg thank you for picking it. Sorry could not get this in time. Basically the issue that held this was that the container is not mounted when the volume was created hence picking details using chroot users might be the best solution.

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 24, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mheon mheon mheon left review comments

Assignees
No one assigned
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

named volume created when running with userns=keep-id has wrong ownership
5 participants
@sujil02 @openshift-ci-robot @rhatdan @vrothberg @mheon