proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-27 12:37:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

lxc-oci: add basic handling of numerical uid/gid

Browse Source 
Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
This commit is contained in:
Felix Abecassis 2017-12-08 16:58:08 -08:00
parent f6812e7f2e
commit e86dcc912f
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
templates/lxc-oci.in
View File

@ -121,6 +121,25 @@ getenv() {
return return
} }
# FIXME 1: only support numerical values in the configuration file.
# FIXME 2: from the OCI image spec: "If group/gid is not specified,
# the default group and supplementary groups of the given user/uid in
# /etc/passwd from the container are applied."
getuidgid() {
if [ "$#" -eq 0 ]; then
echo "0 0"
return
fi
configpath="$1"
uidgid=`cat "${configpath}" | jq -c -r '.config.User // "0:0"'`
uidgid=(${uidgid//:/ })
printf '%d %d' ${uidgid[0]:-0} ${uidgid[1]:-0} 2>/dev/null || true
return
}
usage() { usage() {
cat <<EOF cat <<EOF
LXC container template for OCI images LXC container template for OCI images
@ -291,6 +310,10 @@ cat <<EOF > ${LXC_ROOTFS}/etc/hosts
127.0.1.1 ${LXC_NAME} 127.0.1.1 ${LXC_NAME}
EOF EOF
uidgid=($(getuidgid ${OCI_CONF_FILE}))
echo "lxc.init.uid = ${uidgid[0]}" >> "${LXC_CONF_FILE}"
echo "lxc.init.gid = ${uidgid[1]}" >> "${LXC_CONF_FILE}"
if [ -n "$LXC_MAPPED_UID" ] && [ "$LXC_MAPPED_UID" != "-1" ]; then if [ -n "$LXC_MAPPED_UID" ] && [ "$LXC_MAPPED_UID" != "-1" ]; then
chown $LXC_MAPPED_UID $LXC_PATH/config $LXC_PATH/fstab >/dev/null 2>&1 || true chown $LXC_MAPPED_UID $LXC_PATH/config $LXC_PATH/fstab >/dev/null 2>&1 || true
fi fi