containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rootless: drop permission check for devices 

commit 350ede1eeb added the feature.

Do not check whether the device is usable by the rootless user before
adding to the container.

Closes: https://github.com/containers/podman/issues/12704

[NO NEW TESTS NEEDED] it requires changes on the host to test it

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2022-01-27 09:31:31 +01:00
parent 09589fccfd
commit 6336e1ff1e
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772
1 changed files with 0 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/specgen/generate/config_linux.go
View File

@ -47,17 +47,6 @@ func addPrivilegedDevices(g *generate.Generator) error {
if _, found := mounts[d.Path]; found { if _, found := mounts[d.Path]; found {
continue continue
} }
st, err := os.Stat(d.Path)
if err != nil {
if err == unix.EPERM {
continue
}
return err
}
// Skip devices that the user has not access to.
if st.Mode()&0007 == 0 {
continue
}
newMounts = append(newMounts, devMnt) newMounts = append(newMounts, devMnt)
} }
g.Config.Mounts = append(newMounts, g.Config.Mounts...) g.Config.Mounts = append(newMounts, g.Config.Mounts...)