New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
integrate github.com/opencontainers/runc/libcontainer/user (alternative) #134
integrate github.com/opencontainers/runc/libcontainer/user (alternative) #134
Commits on Feb 1, 2014
-
Move UserLookup functionality into a separate pkg/user submodule that…
… implements proper parsing of /etc/passwd and /etc/group, and use that to add support for "docker run -u user:group" and for getting supplementary groups (if ":group" is not specified) Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Configuration menu - View commit details
-
Copy full SHA for 9331e29 - Browse repository at this point
Copy the full SHA 9331e29View commit details -
Use type switch instead of reflection
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
Configuration menu - View commit details
-
Copy full SHA for 5e76f74 - Browse repository at this point
Copy the full SHA 5e76f74View commit details
Commits on May 18, 2014
-
Fixes #5647 Docker-DCO-1.1-Signed-off-by: Alexandr Morozov <lk4d4math@gmail.com> (github: LK4D4)
Configuration menu - View commit details
-
Copy full SHA for b64c71e - Browse repository at this point
Copy the full SHA b64c71eView commit details
Commits on Sep 16, 2023
-
Move "pkg/user" into libcontainer and add support for GetUserGroupSup…
…plementary to return "Home" too Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Configuration menu - View commit details
-
Copy full SHA for e70ad14 - Browse repository at this point
Copy the full SHA e70ad14View commit details -
user: *: refactor and expand libcontainer/user API
This patch refactors most of GetUserGroupSupplementaryHome and its signature, to make using it much simpler. The private parsing ftunctions have also been exposed (parsePasswdFile, parseGroupFile) to allow custom data source to be used (increasing the versatility of the user/ tools). In addition, file path wrappers around the formerly private API functions have been added to make usage of the API for callers easier if the files that are being parsed are on the filesystem (while the io.Reader APIs are exposed for non-traditional usecases). Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
Configuration menu - View commit details
-
Copy full SHA for ef3397c - Browse repository at this point
Copy the full SHA ef3397cView commit details -
user: lookup: added os/user-like lookup API
This patch adds an os/user-like user lookup API, implemented in pure Go. It also has some features not present in the standard library implementation (such as group lookups). Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
Configuration menu - View commit details
-
Copy full SHA for 03c82a3 - Browse repository at this point
Copy the full SHA 03c82a3View commit details -
user: add unit tests for GetExecUser
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
Configuration menu - View commit details
-
Copy full SHA for 3b425cc - Browse repository at this point
Copy the full SHA 3b425ccView commit details -
Merge remote-tracking branch 'origin/master' into api
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Configuration menu - View commit details
-
Copy full SHA for 52e6df1 - Browse repository at this point
Copy the full SHA 52e6df1View commit details -
Lookup additional groups in the container.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6f2328c - Browse repository at this point
Copy the full SHA 6f2328cView commit details -
refactor GetAdditionalGroupsPath
This parses group file only once to process a list of groups instead of parsing once for each group. Also added an unit test for GetAdditionalGroupsPath Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for c1a87e3 - Browse repository at this point
Copy the full SHA c1a87e3View commit details -
libcontainer: user: fix GetAdditionalGroupsPath to match API
The old GetAdditionalGroups* API didn't match the rest of libcontainer/user, we make functions that take io.Readers and then make wrappers around them. Otherwise we have to do dodgy stuff when testing our code. Fixes: b6df94ee65436 ("refactor GetAdditionalGroupsPath") Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Configuration menu - View commit details
-
Copy full SHA for f975a51 - Browse repository at this point
Copy the full SHA f975a51View commit details -
libcontainer: user: update tests for GetAdditionalGroups
Update the tests to use the test-friendly GetAdditionalGroups API, rather than making random files for no good reason. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
Configuration menu - View commit details
-
Copy full SHA for 78033bd - Browse repository at this point
Copy the full SHA 78033bdView commit details -
Allow numeric groups for containers without /etc/group
/etc/groups is not needed when specifying numeric group ids. This change allows containers without /etc/groups to specify numeric supplemental groups. Signed-off-by: Sami Wagiaalla <swagiaal@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 652fbaa - Browse repository at this point
Copy the full SHA 652fbaaView commit details -
Export user and group lookup errors as variables.
Export errors as variables when no matching entries are found in passwd or group file. Signed-off-by: Thomas LE ROUX <thomas@november-eleven.fr>
Configuration menu - View commit details
-
Copy full SHA for 23eb47f - Browse repository at this point
Copy the full SHA 23eb47fView commit details -
libcontainer: user: always treat numeric ids numerically
Most shadow-related tools don't treat numeric ids as potential usernames, so change our behaviour to match that. Previously, using an explicit specification like 111:222 could result in the UID and GID not being 111 and 222 respectively (which is confusing). Signed-off-by: Aleksa Sarai <asarai@suse.de>
Configuration menu - View commit details
-
Copy full SHA for 92e1773 - Browse repository at this point
Copy the full SHA 92e1773View commit details -
libcontainer: user: add tests for numeric user specifications
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Configuration menu - View commit details
-
Copy full SHA for a4b5eb7 - Browse repository at this point
Copy the full SHA a4b5eb7View commit details -
libcontainer: user: general cleanups
Some of the code was quite confusing inside libcontainer/user, so refactor and comment it so future maintainers can understand what's going and what edge cases we have to deal with. Signed-off-by: Aleksa Sarai <asarai@suse.de>
Configuration menu - View commit details
-
Copy full SHA for 496e469 - Browse repository at this point
Copy the full SHA 496e469View commit details -
Fix TestGetAdditionalGroups on i686
Fixes: #941 Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
Configuration menu - View commit details
-
Copy full SHA for 91968cc - Browse repository at this point
Copy the full SHA 91968ccView commit details -
Cleanup: remove redundant code
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Configuration menu - View commit details
-
Copy full SHA for c006cd2 - Browse repository at this point
Copy the full SHA c006cd2View commit details -
The parameters passed to `GetExecUser` is not correct. Consider the following code: ``` package main import ( "fmt" "io" "os" ) func main() { passwd, err := os.Open("/etc/passwd1") if err != nil { passwd = nil } else { defer passwd.Close() } err = GetUserPasswd(passwd) if err != nil { fmt.Printf("%#v\n", err) } } func GetUserPasswd(r io.Reader) error { if r == nil { return fmt.Errorf("nil source for passwd-formatted data") } else { fmt.Printf("r = %#v\n", r) } return nil } ``` If the file `/etc/passwd1` is not exist, we expect to return `nil source for passwd-formatted data` error, and in fact, the func `GetUserPasswd` return nil. The same logic exists in runc code. this patch fix it. Signed-off-by: Wang Long <long.wanglong@huawei.com>
Configuration menu - View commit details
-
Copy full SHA for 6351002 - Browse repository at this point
Copy the full SHA 6351002View commit details -
Move libcontainer to x/sys/unix
Since syscall is outdated and broken for some architectures, use x/sys/unix instead. There are still some dependencies on the syscall package that will remain in syscall for the forseeable future: Errno Signal SysProcAttr Additionally: - os still uses syscall, so it needs to be kept for anything returning *os.ProcessState, such as process.Wait. Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
Configuration menu - View commit details
-
Copy full SHA for b0f54ba - Browse repository at this point
Copy the full SHA b0f54baView commit details -
libcontainer/user: add supplementary groups only for non-numeric users
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Configuration menu - View commit details
-
Copy full SHA for 8cb7a3a - Browse repository at this point
Copy the full SHA 8cb7a3aView commit details -
Move user pkg unix specific calls to unix file
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for b69bd1b - Browse repository at this point
Copy the full SHA b69bd1bView commit details -
Revert "Merge pull request #1450 from vrothberg/sgid-non-numeric"
This reverts commit be16efd31c1748d9203905dffe449c655791c6a9, reversing changes made to 51b501dab1889ca609db9c536ac976f0f53e7021. Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 83ce763 - Browse repository at this point
Copy the full SHA 83ce763View commit details -
remove placeholder for non-linux platforms
runc currently only support Linux platform, and since we dont intend to expose the support to other platform, removing all other platforms placeholder code. `libcontainer/configs` still being used in https://github.com/moby/moby/blob/master/daemon/daemon_windows.go so keeping it for now. After this, we probably should also rename files to drop linux suffices if possible. Signed-off-by: Daniel Dao <dqminh89@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5123b0a - Browse repository at this point
Copy the full SHA 5123b0aView commit details -
libcontainer/user: platform dependent calls
This rearranges a bit of the user and group lookup, such that only a basic subset is exposed. Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
Configuration menu - View commit details
-
Copy full SHA for 3d7cc23 - Browse repository at this point
Copy the full SHA 3d7cc23View commit details -
libcontainer: add parser for /etc/sub{u,g}id and /proc/PID/{u,g}id_map
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
Configuration menu - View commit details
-
Copy full SHA for 0eb4b05 - Browse repository at this point
Copy the full SHA 0eb4b05View commit details -
libcontainer: fix compilation on GOARCH=arm GOARM=6 (32 bits)
This fixes the following compilation error on 32bit ARM: ``` $ GOARCH=arm GOARCH=6 go build ./libcontainer/system/ libcontainer/system/linux.go:119:89: constant 4294967295 overflows int ``` Signed-off-by: Tibor Vass <tibor@docker.com>
Configuration menu - View commit details
-
Copy full SHA for bd84305 - Browse repository at this point
Copy the full SHA bd84305View commit details -
libcontainer: CurrentGroupSubGIDs -> CurrentUserSubGIDs
subgid is defined per user, not group (see subgid(5)) This commit also adds support for specifying subuid owner with a numeric UID. Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
Configuration menu - View commit details
-
Copy full SHA for c608377 - Browse repository at this point
Copy the full SHA c608377View commit details -
Nit: fix use of bufio.Scanner.Err
The Err() method should be called after the Scan() loop, not inside it. Found by git grep -A3 -F '.Scan()' | grep Err Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for afa0917 - Browse repository at this point
Copy the full SHA afa0917View commit details -
make sure pty.Close() will be called and fix comment
Signed-off-by: tjucoder <chinesecoder@foxmail.com>
Configuration menu - View commit details
-
Copy full SHA for aeea88e - Browse repository at this point
Copy the full SHA aeea88eView commit details -
use string-concatenation instead of sprintf for simple cases
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for b3750af - Browse repository at this point
Copy the full SHA b3750afView commit details -
Signed-off-by: Amim Knabben <amim.knabben@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 581a9d4 - Browse repository at this point
Copy the full SHA 581a9d4View commit details -
Fix int overflow in test on 32 bit system
Signed-off-by: Shengjing Zhu <zhsj@debian.org>
Configuration menu - View commit details
-
Copy full SHA for efcad6e - Browse repository at this point
Copy the full SHA efcad6eView commit details -
Signed-off-by: AdamKorcz <adam@adalogics.com>
Configuration menu - View commit details
-
Copy full SHA for c49050c - Browse repository at this point
Copy the full SHA c49050cView commit details -
Commit f1e605bf added these two functions, but they are only used from Windows code. The v1 of this patch moved these functions to _windows.go file, but after some discussion we decided to drop windows code altogether, so this is what this patch now does. This fixes > libcontainer/user/user.go:64:6: func `groupFromOS` is unused (unused) > libcontainer/user/user.go:35:6: func `userFromOS` is unused (unused) Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 7736478 - Browse repository at this point
Copy the full SHA 7736478View commit details -
libcontainer/user: fix windows compile error
Move the unix-specific code to a file that's not compiled on Windows. Some of the errors (ErrUnsupported, ErrNoPasswdEntries, ErrNoGroupEntries) are used in other parts of the code, so are moved to a non-platform specific file. Most of "user" is probably not useful on Windows, although it's possible that Windows code may have to parse a passwd file, so leaving that code for now. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for 50e9abc - Browse repository at this point
Copy the full SHA 50e9abcView commit details -
libcontainer/user: remove outdated MAINTAINERS file
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for 48fed46 - Browse repository at this point
Copy the full SHA 48fed46View commit details -
gofumpt (mvdan.cc/gofumpt) is a fork of gofmt with stricter rules. Brought to you by git ls-files \*.go | grep -v ^vendor/ | xargs gofumpt -s -w Looking at the diff, all these changes make sense. Also, replace gofmt with gofumpt in golangci.yml. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 3e3208c - Browse repository at this point
Copy the full SHA 3e3208cView commit details -
libcontainer/user: remove unused ErrUnsupported
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for da08f02 - Browse repository at this point
Copy the full SHA da08f02View commit details -
libcontainer/user: fix capitalization (golint)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for edeacd3 - Browse repository at this point
Copy the full SHA edeacd3View commit details -
Replace fmt.Errorf w/o %-style to errors.New
Using fmt.Errorf for errors that do not have %-style formatting directives is an overkill. Switch to errors.New. Found by git grep fmt.Errorf | grep -v ^vendor | grep -v '%' Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for da5b9b2 - Browse repository at this point
Copy the full SHA da5b9b2View commit details -
*: fmt.Errorf: use %w when appropriate
This should result in no change when the error is printed, but make the errors returned unwrappable, meaning errors.As and errors.Is will work. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 013c244 - Browse repository at this point
Copy the full SHA 013c244View commit details -
libct/user: use []byte more, avoid allocations
Every []byte to string conversion results in a new allocation. Avoid some by using []byte more. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 02cfd3c - Browse repository at this point
Copy the full SHA 02cfd3cView commit details -
libct/user: ParseGroupFilter: use TrimSpace
Same as in other places (other parsers here, as well as golang os/user parser and glibc parser all tolerate extra space at BOL and EOL). Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a04d4c7 - Browse repository at this point
Copy the full SHA a04d4c7View commit details -
libct/user: fix parsing long /etc/group lines
Lines in /etc/group longer than 64 characters breaks the current implementation of group parser. This is caused by bufio.Scanner buffer limit. Fix by re-using the fix for a similar problem in golang os/user, namely https://go-review.googlesource.com/c/go/+/283601. Add some tests. Co-authored-by: Andrey Bokhanko <andreybokhanko@gmail.com> Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 330eb4c - Browse repository at this point
Copy the full SHA 330eb4cView commit details -
Go 1.17 introduce this new (and better) way to specify build tags. For more info, see https://golang.org/design/draft-gobuild. As a way to seamlessly switch from old to new build tags, gofmt (and gopls) from go 1.17 adds the new tags along with the old ones. Later, when go < 1.17 is no longer supported, the old build tags can be removed. Now, as I started to use latest gopls (v0.7.1), it adds these tags while I edit. Rather than to randomly add new build tags, I guess it is better to do it once for all files. Mind that previous commits removed some tags that were useless, so this one only touches packages that can at least be built on non-linux. Brought to you by go1.17 fmt ./... Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 9f62d16 - Browse repository at this point
Copy the full SHA 9f62d16View commit details -
Since Go 1.19, godoc recognizes lists, code blocks, headings etc. It also reformats the sources making it more apparent that these features are used. Fix a few places where it misinterpreted the formatting (such as indented vs unindented), and format the result using the gofumpt from HEAD, which already incorporates gofmt 1.19 changes. Some more fixes (and enhancements) might be required. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for bad3316 - Browse repository at this point
Copy the full SHA bad3316View commit details -
ci: bump golangci-lint, remove fixed exception
The exception was fixed by polyfloyd/go-errorlint#12 which eventually made its way into golangci-lint. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 9820685 - Browse repository at this point
Copy the full SHA 9820685View commit details
Commits on Sep 17, 2023
-
integrate github.com/opencontainers/runc/libcontainer/user
This integrate the github.com/opencontainers/runc/libcontainer/user package at commit [opencontainers/runc@a3a0ec4]. This package was originally authored in a "utils" package in the Docker repository, after which moved to "libcontainer", which became part of runc. Some commits were not included in history, due to them being applied in the Docker repository before moving into "libcontainer". Leaving links to those for future reference: - [moby/moby@eb38750] - [moby/moby@e41507b] - [moby/moby@b07314e] [opencontainers/runc@a3a0ec4]: opencontainers/runc@a3a0ec4 [moby/moby@eb38750]: moby/moby@eb38750 [moby/moby@e41507b]: moby/moby@e41507b [moby/moby@b07314e]: moby/moby@b07314e Co-authored-by: Tianon Gravi <admwiggin@gmail.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for 51d0ba7 - Browse repository at this point
Copy the full SHA 51d0ba7View commit details -
user: add go.mod and integrate in CI
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Configuration menu - View commit details
-
Copy full SHA for 0123f32 - Browse repository at this point
Copy the full SHA 0123f32View commit details