DAOS-15288 client: Verify user/group for daos_cont_set_owner

[kjacque]

• Ensure the requested user/group exists before setting it.
• Add a second API, daos_cont_set_owner_no_check(), for the case where the new owner/group can't be verified locally.
• Modify daos_test to verify both check and no_check cases.
• Add --no-check flag to daos cont set-owner.

Required-githooks: true

Features: container security

Before requesting gatekeeper:

• Two review approvals and any prior change requests have been resolved.
• Testing is complete and all tests passed or there is a reason documented in the PR why it should be force landed and forced-landing tag is set.
• Features: (or Test-tag*) commit pragma was used or there is a reason documented that there are no appropriate tags for this PR.
• Commit messages follows the guidelines outlined here.
• Any tests skipped by the ticket being addressed have been run and passed in the PR.

Gatekeeper:

• You are the appropriate gatekeeper to be landing the patch.
• The PR has 2 reviews by people familiar with the code, including appropriate owners.
• Githooks were used. If not, request that user install them and check copyright dates.
• Checkpatch issues are resolved. Pay particular attention to ones that will show up on future PRs.
• All builds have passed. Check non-required builds for any new compiler warnings.
• Sufficient testing is done. Check feature pragmas and test tags and that tests skipped for the ticket are run and now pass with the changes.
• If applicable, the PR has addressed any potential version compatibility issues.
• Check the target branch. If it is master branch, should the PR go to a feature branch? If it is a release branch, does it have merge approval in the JIRA ticket.
• Extra checks if forced landing is requested
  • Review comments are sufficiently resolved, particularly by prior reviewers that requested changes.
  • No new NLT or valgrind warnings. Check the classic view.
  • Quick-build or Quick-functional is not used.
• Fix the commit message upon landing. Check the standard here. Edit it to create a single commit. If necessary, ask submitter for a new summary.

[github-actions]

Ticket title is 'DAOS contianer set-owner behaves differently between posix and non-posix containers'
Status is 'In Review'
Labels: 'scrubbed,triaged'
https://daosio.atlassian.net/browse/DAOS-15288

[daosbuild1]

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-14290/1/execution/node/1198/log

[daosbuild1]

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-14290/2/execution/node/1173/log

[daosbuild1]

Test stage Functional on EL 8.8 completed with status UNSTABLE. https://build.hpdd.intel.com/job/daos-stack/job/daos//view/change-requests/job/PR-14290/3/testReport/

[daosbuild1]

Test stage Functional Hardware Medium Verbs Provider completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-14290/4/execution/node/1454/log

[kjacque]

Test failure is an existing issue on master: https://daosio.atlassian.net/issues/DAOS-15124

[daltonbohning]

ftest LGTM

[daosbuild1]

Test stage NLT on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com/job/daos-stack/job/daos/job/PR-14290/6/display/redirect

[daosbuild1]

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-14290/7/execution/node/1184/log

[daosbuild1]

Test stage Python Bandit check completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-14290/14/execution/node/145/log

[mchaarawi]

just a side comment for other reviewers, since this was added in master (not in 2.4.2) this is fine, no API breakage.

[mchaarawi]

just curious why have a function call and not do the == in the if condition below directly?

[kjacque]

I thought it communicated more clearly what -1 indicated. Figured the compiler will end up inlining this anyway during optimization.

[kjacque]

I just made a change to explicitly inline it.

[mjmac]

Go changes LGTM.

[daltonbohning]

ftest LGTM. Just nits. thanks for the updates!

[daltonbohning]

nit - it's preferred to put these on one line

Suggested change

	:avocado: tags=DaosContainerOwnerTest
	:avocado: tags=test_container_set_owner_no_check_non_posix
	:avocado: tags=DaosContainerOwnerTest,test_container_set_owner_no_check_non_posix

[daltonbohning]

nit

Suggested change

	:avocado: tags=DaosContainerOwnerTest
	:avocado: tags=test_container_set_owner_no_check_posix
	:avocado: tags=DaosContainerOwnerTest,test_container_set_owner_no_check_posix