podman

Commit Graph

Author	SHA1	Message	Date
Daniel J Walsh	14a6d51a84	Merge pull request #1091 from giuseppe/rootless-unshare-mount-ns rootless: unshare mount namespace	2018-07-13 14:16:24 -04:00
Giuseppe Scrivano	62e48e5b71	rootless: correctly propagate the exit status from the container Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>	2018-07-13 16:41:11 +02:00
Giuseppe Scrivano	6ffcb98a70	rootless: unshare mount namespace unshare the mount namespace as well when creating an user namespace so that we are the owner of the mount namespace and we can mount FUSE file systems on Linux 4.18. Tested on Fedora Rawhide: podman --storage-opt overlay.fuse_program=/usr/bin/fuse-overlayfs run alpine echo hello hello Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>	2018-07-13 16:37:37 +02:00
Giuseppe Scrivano	84cfdb2061	rootless: fix when argv[0] is not an absolute path use execvp instead of exec so that we keep the PATH environment variable and the lookup for the "podman" executable works. Closes: https://github.com/projectatomic/libpod/issues/1070 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1072 Approved by: mheon	2018-07-10 16:13:43 +00:00
Giuseppe Scrivano	a1545fe6e4	rootless: add function to retrieve the original UID After we re-exec in the userNS os.Getuid() returns the new UID (= 0) which is not what we want to use. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1048 Approved by: mheon	2018-07-05 13:30:15 +00:00
Giuseppe Scrivano	20862c9746	rootless: do not configure additional groups Additional groups are not allowed in an userNS. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan	2018-06-27 14:07:17 +00:00
Giuseppe Scrivano	5ff90677c8	rootless: add management for the userNS When running podman as non root user always create an userNS and let the OCI runtime use it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #936 Approved by: rhatdan	2018-06-27 14:07:17 +00:00

7 Commits