- commit
- be12c816a3b78ca2ee2ff1c3a363f3447cc95f31
- parent
- 759ff4e80674aed3d2e0908334c3aad147cdb4e3
- Author
- Tobias Bengfort <tobias.bengfort@posteo.de>
- Date
- 2023-09-08 10:00
Fixup: resolve uids inside of container only works for names defined in /etc/passwd|group
Diffstat
| M | d-run | 23 | +++++++++++++++-------- |
1 files changed, 15 insertions, 8 deletions
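diff --git a/d-run b/d-run
--- a/d-run
+++ b/d-run
@@ -3,8 +3,6 @@
 import os
 import json
 import argparse
-import grp
-import pwd
 
 
 def make_volume(path, dir):
@@ -27,17 +25,26 @@ def make_volume(path, dir):
 return [op, hostpath, path]
 
 
-def parse_user(user):
+def get_id(file, name):
+with open(file) as fh:
+for line in fh:
+parts = line.split(':')
+if parts[0] == name:
+return parts[2]
+raise KeyError(name)
+
+
+def parse_user(user, root):
 uid = user
 gid = None
 
 if ':' in user:
 uid, gid = uid.split(':', 1)
 if not gid.isdigit():
-gid = grp.getgrnam(gid).gr_gid
+gid = get_id(os.path.join(root, 'etc/group'), gid)
 
 if not uid.isdigit():
-uid = pwd.getpwnam(uid).pw_uid
+uid = get_id(os.path.join(root, 'etc/passwd'), uid)
 
 return uid, gid
 
@@ -77,10 +84,10 @@ def build_cmd(dir, config):
 cmd += ['--remount-ro', '/']
 
 if config.get('User'):
-uid, gid = parse_user(config['User'])
-cmd += ['--uid', str(uid)]
+uid, gid = parse_user(config['User'], os.path.join(dir, 'rootfs'))
+cmd += ['--uid', uid]
 if gid is not None:
-cmd += ['--gid', str(gid)]
+cmd += ['--gid', gid]
 
 if config.get('Entrypoint'):
 cmd += config['Entrypoint']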
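Review bot: `get_id` returns `parts[2]` unchecked from the `etc/passwd` or `etc/group` under the container's `rootfs`, and since the `build_cmd` hunk (only partly visible here) drops `str(...)`, that string is passed directly as the `--uid`/`--gid` argument. The file presumably comes from the container image, so a line with fewer than three fields raises `IndexError` instead of `KeyError`, a three-field line returns the id with its trailing newline, and a non-numeric third field is forwarded as is; the match could be tightened to `if len(parts) > 2 and parts[0] == name and parts[2].strip().isdigit(): return parts[2].strip()`. Separately, `open(os.path.join(root, 'etc/passwd'))` runs on the host and follows symlinks, so if the image ships `etc/passwd` or `etc/group` as a symlink the lookup reads a path outside `root`; resolving the joined path and checking that it is still under `root` before opening would keep the read inside the rootfs. A one-line docstring on `get_id` saying it reads a passwd-format file from the container root and raises `KeyError` for unknown names would document the contract that `parse_user` relies on.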