libcontainer: CurrentGroupSubGIDs -> CurrentUserSubGIDs
subgid is defined per user, not group (see subgid(5)) This commit also adds support for specifying subuid owner with a numeric UID. Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
This commit is contained in:
parent
1555a78945
commit
b34d6d8a7c
|
@ -5,6 +5,7 @@ package user
|
||||||
import (
|
import (
|
||||||
"io"
|
"io"
|
||||||
"os"
|
"os"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
@ -115,22 +116,23 @@ func CurrentGroup() (Group, error) {
|
||||||
return LookupGid(unix.Getgid())
|
return LookupGid(unix.Getgid())
|
||||||
}
|
}
|
||||||
|
|
||||||
func CurrentUserSubUIDs() ([]SubID, error) {
|
func currentUserSubIDs(fileName string) ([]SubID, error) {
|
||||||
u, err := CurrentUser()
|
u, err := CurrentUser()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return ParseSubIDFileFilter("/etc/subuid",
|
filter := func(entry SubID) bool {
|
||||||
func(entry SubID) bool { return entry.Name == u.Name })
|
return entry.Name == u.Name || entry.Name == strconv.Itoa(u.Uid)
|
||||||
|
}
|
||||||
|
return ParseSubIDFileFilter(fileName, filter)
|
||||||
}
|
}
|
||||||
|
|
||||||
func CurrentGroupSubGIDs() ([]SubID, error) {
|
func CurrentUserSubUIDs() ([]SubID, error) {
|
||||||
g, err := CurrentGroup()
|
return currentUserSubIDs("/etc/subuid")
|
||||||
if err != nil {
|
}
|
||||||
return nil, err
|
|
||||||
}
|
func CurrentUserSubGIDs() ([]SubID, error) {
|
||||||
return ParseSubIDFileFilter("/etc/subgid",
|
return currentUserSubIDs("/etc/subgid")
|
||||||
func(entry SubID) bool { return entry.Name == g.Name })
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func CurrentProcessUIDMap() ([]IDMap, error) {
|
func CurrentProcessUIDMap() ([]IDMap, error) {
|
||||||
|
|
Loading…
Reference in New Issue