From cacc15360ec04abb4c45f918e83bf33203946e32 Mon Sep 17 00:00:00 2001 From: Mrunal Patel Date: Fri, 13 Feb 2015 19:50:00 -0500 Subject: [PATCH] Add config generation for simple user namespace testing. Signed-off-by: Mrunal Patel --- nsinit/config.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/nsinit/config.go b/nsinit/config.go index cbd25630..e26f39e9 100644 --- a/nsinit/config.go +++ b/nsinit/config.go @@ -4,6 +4,7 @@ import ( "bytes" "encoding/json" "io" + "math" "os" "path/filepath" "syscall" @@ -27,6 +28,7 @@ var createFlags = []cli.Flag{ cli.StringFlag{Name: "apparmor-profile", Usage: "set the apparmor profile"}, cli.StringFlag{Name: "process-label", Usage: "set the process label"}, cli.StringFlag{Name: "mount-label", Usage: "set the mount label"}, + cli.IntFlag{Name: "userns-root-uid", Usage: "set the user namespace root uid"}, } var configCommand = cli.Command{ @@ -70,6 +72,21 @@ func modify(config *configs.Config, context *cli.Context) { config.AppArmorProfile = context.String("apparmor-profile") config.ProcessLabel = context.String("process-label") config.MountLabel = context.String("mount-label") + + userns_uid := context.Int("userns-root-uid") + if userns_uid != 0 { + config.Namespaces = append(config.Namespaces, configs.Namespace{Type: configs.NEWUSER}) + config.UidMappings = []configs.IDMap{ + {ContainerID: 0, HostID: userns_uid, Size: 1}, + {ContainerID: 1, HostID: 1, Size: userns_uid - 1}, + {ContainerID: userns_uid + 1, HostID: userns_uid + 1, Size: math.MaxInt32 - userns_uid}, + } + config.GidMappings = []configs.IDMap{ + {ContainerID: 0, HostID: userns_uid, Size: 1}, + {ContainerID: 1, HostID: 1, Size: userns_uid - 1}, + {ContainerID: userns_uid + 1, HostID: userns_uid + 1, Size: math.MaxInt32 - userns_uid}, + } + } } func getTemplate() *configs.Config {