idtools

package
v1.13.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 11, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddNamespaceRangesUser

func AddNamespaceRangesUser(name string) (int, int, error)

AddNamespaceRangesUser takes a username and uses the standard system utility to create a system user/group pair used to hold the /etc/sub{uid,gid} ranges which will be used for user namespace mapping ranges in containers.

func CanAccess added in v1.13.0

func CanAccess(path string, uid, gid int) bool

CanAccess takes a valid (existing) directory and a uid, gid pair and determines if that uid, gid pair has access (execute bit) to the directory

func CreateIDMappings

func CreateIDMappings(username, groupname string) ([]IDMap, []IDMap, error)

CreateIDMappings takes a requested user and group name and using the data from /etc/sub{uid,gid} ranges, creates the proper uid and gid remapping ranges for that user/group pair

func GetRootUIDGID

func GetRootUIDGID(uidMap, gidMap []IDMap) (int, int, error)

GetRootUIDGID retrieves the remapped root uid/gid pair from the set of maps. If the maps are empty, then the root uid/gid will default to "real" 0/0

func LookupGID added in v1.13.0

func LookupGID(gid int) (user.Group, error)

LookupGID uses traditional local system files lookup (from libcontainer/user) on a group ID, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupGroup added in v1.13.0

func LookupGroup(groupname string) (user.Group, error)

LookupGroup uses traditional local system files lookup (from libcontainer/user) on a group name, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUID added in v1.13.0

func LookupUID(uid int) (user.User, error)

LookupUID uses traditional local system files lookup (from libcontainer/user) on a uid, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUser added in v1.13.0

func LookupUser(username string) (user.User, error)

LookupUser uses traditional local system files lookup (from libcontainer/user) on a username, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func MkdirAllAs

func MkdirAllAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAllAs creates a directory (include any along the path) and then modifies ownership to the requested uid/gid. If the directory already exists, this function will still change ownership to the requested uid/gid pair.

func MkdirAllNewAs added in v1.10.0

func MkdirAllNewAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAllNewAs creates a directory (include any along the path) and then modifies ownership ONLY of newly created directories to the requested uid/gid. If the directories along the path exist, no change of ownership will be performed

func MkdirAs

func MkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAs creates a directory and then modifies ownership to the requested uid/gid. If the directory already exists, this function still changes ownership

func ToContainer

func ToContainer(hostID int, idMap []IDMap) (int, error)

ToContainer takes an id mapping, and uses it to translate a host ID to the remapped ID. If no map is provided, then the translation assumes a 1-to-1 mapping and returns the passed in id

func ToHost

func ToHost(contID int, idMap []IDMap) (int, error)

ToHost takes an id mapping and a remapped ID, and translates the ID to the mapped host ID. If no map is provided, then the translation assumes a 1-to-1 mapping and returns the passed in id #

Types

type IDMap

type IDMap struct {
	ContainerID int `json:"container_id"`
	HostID      int `json:"host_id"`
	Size        int `json:"size"`
}

IDMap contains a single entry for user namespace range remapping. An array of IDMap entries represents the structure that will be provided to the Linux kernel for creating a user namespace.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL