volumes: Fix idmap not working for volumes

idmap is documented as supported for volumes, but it was not added to
the getNamedVolume() function.

Fixes: e83d36665 ("volumes: add new option idmap")
Signed-off-by: Kristian Klausen <kristian@klausen.dk>
This commit is contained in:
Kristian Klausen 2022-10-21 16:12:01 +02:00
parent 47bcd10f61
commit 3e6637a3b0
No known key found for this signature in database
GPG Key ID: E2BE346E410366C3
2 changed files with 16 additions and 0 deletions

View File

@ -584,6 +584,12 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
}
newVolume.Dest = unixPathClean(kv[1])
setDest = true
case "idmap":
if len(kv) > 1 {
newVolume.Options = append(newVolume.Options, fmt.Sprintf("idmap=%s", kv[1]))
} else {
newVolume.Options = append(newVolume.Options, "idmap")
}
case "U", "chown":
if setOwnership {
return newVolume, fmt.Errorf("cannot pass 'U' or 'chown' option more than once: %w", errOptionArg)

View File

@ -94,6 +94,16 @@ var _ = Describe("Podman UserNS support", func() {
Expect(session.OutputToString()).To(ContainSubstring("hello"))
})
It("podman uidmapping and gidmapping with a idmapped volume", func() {
session := podmanTest.Podman([]string{"run", "--uidmap=0:1:500", "--gidmap=0:200:5000", "-v", "my-foo-volume:/foo:Z,idmap", "alpine", "echo", "hello"})
session.WaitWithDefaultTimeout()
if strings.Contains(session.ErrorToString(), "Operation not permitted") {
Skip("not sufficiently privileged")
}
Expect(session).Should(Exit(0))
Expect(session.OutputToString()).To(ContainSubstring("hello"))
})
It("podman uidmapping and gidmapping --net=host", func() {
session := podmanTest.Podman([]string{"run", "--net=host", "--uidmap=0:1:5000", "--gidmap=0:200:5000", "alpine", "echo", "hello"})
session.WaitWithDefaultTimeout()