archive: fix logic for skipping mknod when running in userns#2163
archive: fix logic for skipping mknod when running in userns#2163dmcgowan merged 1 commit intocontainerd:masterfrom
Conversation
Signed-off-by: Akihiro Suda <[email protected]>
|
LGTM What versions are impacted? |
|
Was also going to mention a testcase, but I know from the moby PRs that did similar work for the graphdrivers that it's a bit tricky re: dependencies on CI setup (e.g. need |
|
Is it ok to unshare+reexec the Go test binary? |
Since the initial revision: 0deba01 |
|
LGTM @AkihiroSuda when submitting these sort of bugs can you please add clarity of the environment in which you are running into it. How are you using user namespace, what is being run without privilege, etc. We want to try and support as many cases as possible but will be helpful for reproduction and helping come up with test cases. We can add a test for this later, I am going to merge. |
|
Ah, sorry Terminal 1:$ mkdir -p ~/.config/containerd
$ cat ~/.config/containerd/config.toml << EOF
root = "/home/suda/.local/share/containerd"
state = "/run/user/1001/containerd"
subreaper = false
oom_score = 0
[grpc]
address = "/run/user/1001/containerd/containerd.sock"
[debug]
level = "debug"
address = "/run/user/1001/containerd/debug.sock"
[metrics]
address = ""
[plugins.linux]
runtime_root = "/run/user/1001/containerd/runc"
EOF
$ unshare -U -m
unshared$ echo $$
3539Terminal 2:$ id -u
1001
$ grep $(whoami) /etc/subuid
suda:231072:65536
$ grep $(whoami) /etc/subgid
suda:231072:65536
$ newuidmap 3539 0 1001 1 1 231072 65536
$ newgidmap 3539 0 1001 1 1 231072 65536Terminal 1:unshared# containerd -c ~/.config/containerd/config.tomlTerminal 2:$ nsenter -U -m -t 3539
unshared# ctr -a /run/user/1001/containerd/containerd.sock images pull docker.io/library/ubuntu:latest( |
4 participants
Signed-off-by: Akihiro Suda [email protected]
ctr images pull docker.io/library/ubuntu:latestwas failing withlchown /home/suda/.local/share/containerd/tmpmounts/containerd-mount363494842/dev/agpgart: no such file or directory.