@@ -39,9 +39,24 @@ const (
3939// to shift the filesystem ownership (user namespace mapping) automatically; currently
4040// supported by the fuse-overlayfs and overlay snapshotters
4141func WithRemapperLabels (ctrUID , hostUID , ctrGID , hostGID , length uint32 ) snapshots.Opt {
42+ uidMap := []specs.LinuxIDMapping {{ContainerID : ctrUID , HostID : hostUID , Size : length }}
43+ gidMap := []specs.LinuxIDMapping {{ContainerID : ctrGID , HostID : hostGID , Size : length }}
44+ return WithUserNSRemapperLabels (uidMap , gidMap )
45+ }
46+
47+ // WithUserNSRemapperLabels creates the labels used by any supporting snapshotter
48+ // to shift the filesystem ownership (user namespace mapping) automatically; currently
49+ // supported by the fuse-overlayfs and overlay snapshotters
50+ func WithUserNSRemapperLabels (uidmaps , gidmaps []specs.LinuxIDMapping ) snapshots.Opt {
51+ idMap := userns.IDMap {
52+ UidMap : uidmaps ,
53+ GidMap : gidmaps ,
54+ }
55+ uidmapLabel , gidmapLabel := idMap .Marshal ()
4256 return snapshots .WithLabels (map [string ]string {
43- snapshots .LabelSnapshotUIDMapping : fmt .Sprintf ("%d:%d:%d" , ctrUID , hostUID , length ),
44- snapshots .LabelSnapshotGIDMapping : fmt .Sprintf ("%d:%d:%d" , ctrGID , hostGID , length )})
57+ snapshots .LabelSnapshotUIDMapping : uidmapLabel ,
58+ snapshots .LabelSnapshotGIDMapping : gidmapLabel ,
59+ })
4560}
4661
4762func resolveSnapshotOptions (ctx context.Context , client * Client , snapshotterName string , snapshotter snapshots.Snapshotter , parent string , opts ... snapshots.Opt ) (string , error ) {
@@ -89,27 +104,15 @@ func resolveSnapshotOptions(ctx context.Context, client *Client, snapshotterName
89104 return "" , fmt .Errorf ("snapshotter %q doesn't support idmap mounts on this host, configure `slow_chown` to allow a slower and expensive fallback" , snapshotterName )
90105 }
91106
92- var uidMap , gidMap specs.LinuxIDMapping
93- _ , err = fmt .Sscanf (uidMapLabel , "%d:%d:%d" , & uidMap .ContainerID , & uidMap .HostID , & uidMap .Size )
94- if err != nil {
95- return "" , fmt .Errorf ("uidMapLabel unparsable: %w" , err )
96- }
97- _ , err = fmt .Sscanf (gidMapLabel , "%d:%d:%d" , & gidMap .ContainerID , & gidMap .HostID , & gidMap .Size )
98- if err != nil {
99- return "" , fmt .Errorf ("gidMapLabel unparsable: %w" , err )
107+ rsn := remappedSnapshot {Parent : parent }
108+ if err = rsn .IDMap .Unmarshal (uidMapLabel , gidMapLabel ); err != nil {
109+ return "" , fmt .Errorf ("failed to unmarshal uid/gid map snapshotter labels: %w" , err )
100110 }
101111
102- if uidMap . ContainerID != 0 || gidMap . ContainerID != 0 {
103- return "" , fmt .Errorf ("Container UID/GID of 0 only supported currently (%d/%d)" , uidMap . ContainerID , gidMap . ContainerID )
112+ if _ , err := rsn . IDMap . RootPair (); err != nil {
113+ return "" , fmt .Errorf ("container UID/GID mapping entries of 0 are required but not found" )
104114 }
105115
106- rsn := remappedSnapshot {
107- Parent : parent ,
108- IDMap : userns.IDMap {
109- UidMap : []specs.LinuxIDMapping {uidMap },
110- GidMap : []specs.LinuxIDMapping {gidMap },
111- },
112- }
113116 usernsID , err := rsn .ID ()
114117 if err != nil {
115118 return "" , fmt .Errorf ("failed to remap snapshot: %w" , err )
0 commit comments