containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

play: handle 'private' as 'auto' 

currently there is no way to specify the mappings, so at least treat a
private user namespace as "auto".

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2024-07-11 16:13:11 +02:00
parent 61f0230c31
commit fa2590a97a
No known key found for this signature in database
GPG Key ID: 67E38F7A8BA21772
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/domain/infra/abi/play.go
View File

@ -610,6 +610,10 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
} else {
options.Userns = "host"
}
// FIXME: how to deal with explicit mappings?
if options.Userns == "private" {
options.Userns = "auto"
}
} else if podYAML.Spec.HostUsers != nil {
logrus.Info("overriding the user namespace mode in the pod spec")
}