idtools

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 25, 2021 License: GPL-3.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddNamespaceRangesUser

func AddNamespaceRangesUser(name string) (int, int, error)

AddNamespaceRangesUser takes a username and uses the standard system utility to create a system user/group pair used to hold the /etc/sub{uid,gid} ranges which will be used for user namespace mapping ranges in containers.

func CanAccess

func CanAccess(path string, pair IDPair) bool

CanAccess takes a valid (existing) directory and a uid, gid pair and determines if that uid, gid pair has access (execute bit) to the directory

func GetRootUIDGID

func GetRootUIDGID(uidMap, gidMap []IDMap) (int, int, error)

GetRootUIDGID retrieves the remapped root uid/gid pair from the set of maps. If the maps are empty, then the root uid/gid will default to "real" 0/0

func IsContiguous

func IsContiguous(mappings []IDMap) bool

IsContiguous checks if the specified mapping is contiguous and doesn't have any hole.

func LookupGID

func LookupGID(gid int) (user.Group, error)

LookupGID uses traditional local constants files lookup (from libcontainer/user) on a group ID, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupGroup

func LookupGroup(groupname string) (user.Group, error)

LookupGroup uses traditional local constants files lookup (from libcontainer/user) on a group name, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUID

func LookupUID(uid int) (user.User, error)

followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUser

func LookupUser(username string) (user.User, error)

followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func MkdirAllAndChown

func MkdirAllAndChown(path string, mode os.FileMode, ids IDPair) error

MkdirAllAndChown creates a directory (include any along the path) and then modifies ownership to the requested uid/gid. If the directory already exists, this function will still change ownership to the requested uid/gid pair.

func MkdirAllAndChownNew

func MkdirAllAndChownNew(path string, mode os.FileMode, ids IDPair) error

MkdirAllAndChownNew creates a directory (include any along the path) and then modifies ownership ONLY of newly created directories to the requested uid/gid. If the directories along the path exist, no change of ownership will be performed

func MkdirAllAs

func MkdirAllAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAllAs creates a directory (include any along the path) and then modifies ownership to the requested uid/gid. If the directory already exists, this function will still change ownership to the requested uid/gid pair. Deprecated: Use MkdirAllAndChown

func MkdirAndChown

func MkdirAndChown(path string, mode os.FileMode, ids IDPair) error

MkdirAndChown creates a directory and then modifies ownership to the requested uid/gid. If the directory already exists, this function still changes ownership

func MkdirAs

func MkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAs creates a directory and then modifies ownership to the requested uid/gid. If the directory already exists, this function still changes ownership Deprecated: Use MkdirAndChown with a IDPair

func SafeChown

func SafeChown(name string, uid, gid int) error

func SafeLchown

func SafeLchown(name string, uid, gid int) error

Types

type IDMap

type IDMap struct {
	ContainerID int `json:"container_id"`
	HostID      int `json:"host_id"`
	Size        int `json:"size"`
}

IDMap contains a single entry for user namespace range remapping. An array of IDMap entries represents the structure that will be provided to the Linux kernel for creating a user namespace.

func ParseIDMap

func ParseIDMap(mapSpec []string, mapSetting string) (idmap []IDMap, err error)

ParseIDMap parses idmap triples from string.

type IDMappings

type IDMappings struct {
	// contains filtered or unexported fields
}

IDMappings contains a mappings of UIDs and GIDs

func NewIDMappings

func NewIDMappings(username, groupname string) (*IDMappings, error)

NewIDMappings takes a requested user and group name and using the data from /etc/sub{uid,gid} ranges, creates the proper uid and gid remapping ranges for that user/group pair

func NewIDMappingsFromMaps

func NewIDMappingsFromMaps(uids []IDMap, gids []IDMap) *IDMappings

NewIDMappingsFromMaps creates a new mapping from two slices Deprecated: this is a temporary shim while transitioning to IDMapping

func (*IDMappings) Empty

func (i *IDMappings) Empty() bool

Empty returns true if there are no id mappings

func (*IDMappings) GIDs

func (i *IDMappings) GIDs() []IDMap

GIDs return the UID mapping TODO: remove this once everything has been refactored to use pairs

func (*IDMappings) RootPair

func (i *IDMappings) RootPair() IDPair

RootPair returns a uid and gid pair for the root user. The error is ignored because a root user always exists, and the defaults are correct when the uid and gid maps are empty.

func (*IDMappings) ToContainer

func (i *IDMappings) ToContainer(pair IDPair) (int, int, error)

ToContainer returns the container UID and GID for the host uid and gid

func (*IDMappings) ToHost

func (i *IDMappings) ToHost(pair IDPair) (IDPair, error)

ToHost returns the host UID and GID for the container uid, gid. Remapping is only performed if the ids aren't already the remapped root ids

func (*IDMappings) UIDs

func (i *IDMappings) UIDs() []IDMap

UIDs return the UID mapping TODO: remove this once everything has been refactored to use pairs

type IDPair

type IDPair struct {
	UID int
	GID int
}

IDPair is a UID and GID pair

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL