Skip to content

Set the user on exec #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rumpl merged 1 commit into from
Sep 12, 2022
Merged

Set the user on exec #86

rumpl merged 1 commit into from
Sep 12, 2022

Conversation

@rumpl
Copy link
Owner

@rumpl rumpl commented Sep 8, 2022

- What I did

Fixed exec when specifiying a user:

$ docker run -d --rm -it ubuntu /bin/bash 
fb183991d3b1a2fbcea9d97b49a01cfefd7869ca6a4d428cdd0843853468ec25
$ docker exec -u 1000 fb183991d3b1a2fbcea9d97b49a01cfefd7869ca6a4d428cdd0843853468ec25 id
uid=1000 gid=0(root) groups=0(root)

- How I did it

By getting the container from containerd and asking it to populate the spec with the right user.

@rumpl rumpl force-pushed the exec-user branch 6 times, most recently from d459f61 to 62a2e2d Compare September 8, 2022 14:09
ndeloof
ndeloof reviewed Sep 12, 2022
View reviewed changes
daemon/exec_linux.go
return err
}
opts := []oci.SpecOpts{
coci.WithUser(ec.User),
Copy link
Collaborator

@ndeloof ndeloof Sep 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder this should be guarded by ec.User != nil. Otherwise, if no explicit user is set, this will reset additionalGIDs without any replacement

Copy link
Owner Author

@rumpl rumpl Sep 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's guarded by if len(ec.User) > 0

Copy link
Collaborator

@ndeloof ndeloof Sep 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh my bad. 👍

ndeloof
ndeloof approved these changes Sep 12, 2022
View reviewed changes
Copy link
Collaborator

@ndeloof ndeloof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, with an open question on nil ec.User

ndeloof
ndeloof approved these changes Sep 12, 2022
View reviewed changes
daemon/exec_linux.go
return err
}
opts := []oci.SpecOpts{
coci.WithUser(ec.User),
Copy link
Collaborator

@ndeloof ndeloof Sep 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh my bad. 👍

@rumpl rumpl merged commit e001249 into c8d Sep 12, 2022
@rumpl rumpl deleted the exec-user branch November 22, 2022 00:16
@rumpl rumpl mentioned this pull request Apr 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ndeloof ndeloof ndeloof approved these changes

Assignees

No one assigned

Labels

upstreamed

Projects

Upstreaming moby
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rumpl @ndeloof @thaJeztah