idtools

package
v1.12.13 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2019 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddNamespaceRangesUser

func AddNamespaceRangesUser(name string) (int, int, error)

AddNamespaceRangesUser takes a username and uses the standard system utility to create a system user/group pair used to hold the /etc/sub{uid,gid} ranges which will be used for user namespace mapping ranges in containers.

func CanAccess

func CanAccess(path string, pair IDPair) bool

CanAccess takes a valid (existing) directory and a uid, gid pair and determines if that uid, gid pair has access (execute bit) to the directory

func GetRootUIDGID

func GetRootUIDGID(uidMap, gidMap []IDMap) (int, int, error)

GetRootUIDGID retrieves the remapped root uid/gid pair from the set of maps. If the maps are empty, then the root uid/gid will default to "real" 0/0

func LookupGID

func LookupGID(gid int) (user.Group, error)

LookupGID uses traditional local system files lookup (from libcontainer/user) on a group ID, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupGroup

func LookupGroup(groupname string) (user.Group, error)

LookupGroup uses traditional local system files lookup (from libcontainer/user) on a group name, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUID

func LookupUID(uid int) (user.User, error)

LookupUID uses traditional local system files lookup (from libcontainer/user) on a uid, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func LookupUser

func LookupUser(username string) (user.User, error)

LookupUser uses traditional local system files lookup (from libcontainer/user) on a username, followed by a call to `getent` for supporting host configured non-files passwd and group dbs

func MkdirAllAndChown

func MkdirAllAndChown(path string, mode os.FileMode, ids IDPair) error

MkdirAllAndChown creates a directory (include any along the path) and then modifies ownership to the requested uid/gid. If the directory already exists, this function will still change ownership to the requested uid/gid pair.

func MkdirAllAndChownNew

func MkdirAllAndChownNew(path string, mode os.FileMode, ids IDPair) error

MkdirAllAndChownNew creates a directory (include any along the path) and then modifies ownership ONLY of newly created directories to the requested uid/gid. If the directories along the path exist, no change of ownership will be performed

func MkdirAllAs

func MkdirAllAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAllAs creates a directory (include any along the path) and then modifies ownership to the requested uid/gid. If the directory already exists, this function will still change ownership to the requested uid/gid pair. Deprecated: Use MkdirAllAndChown

func MkdirAndChown

func MkdirAndChown(path string, mode os.FileMode, ids IDPair) error

MkdirAndChown creates a directory and then modifies ownership to the requested uid/gid. If the directory already exists, this function still changes ownership

func MkdirAs

func MkdirAs(path string, mode os.FileMode, ownerUID, ownerGID int) error

MkdirAs creates a directory and then modifies ownership to the requested uid/gid. If the directory already exists, this function still changes ownership Deprecated: Use MkdirAndChown with a IDPair

func SafeChown added in v1.12.0

func SafeChown(name string, uid, gid int) error

func SafeLchown added in v1.12.0

func SafeLchown(name string, uid, gid int) error

Types

type IDMap

type IDMap struct {
	ContainerID int `json:"container_id"`
	HostID      int `json:"host_id"`
	Size        int `json:"size"`
}

IDMap contains a single entry for user namespace range remapping. An array of IDMap entries represents the structure that will be provided to the Linux kernel for creating a user namespace.

func ParseIDMap

func ParseIDMap(mapSpec []string, mapSetting string) (idmap []IDMap, err error)

ParseIDMap parses idmap triples from string.

type IDMappings

type IDMappings struct {
	// contains filtered or unexported fields
}

IDMappings contains a mappings of UIDs and GIDs

func NewIDMappings

func NewIDMappings(username, groupname string) (*IDMappings, error)

NewIDMappings takes a requested user and group name and using the data from /etc/sub{uid,gid} ranges, creates the proper uid and gid remapping ranges for that user/group pair

func NewIDMappingsFromMaps

func NewIDMappingsFromMaps(uids []IDMap, gids []IDMap) *IDMappings

NewIDMappingsFromMaps creates a new mapping from two slices Deprecated: this is a temporary shim while transitioning to IDMapping

func (*IDMappings) Empty

func (i *IDMappings) Empty() bool

Empty returns true if there are no id mappings

func (*IDMappings) GIDs

func (i *IDMappings) GIDs() []IDMap

GIDs return the UID mapping TODO: remove this once everything has been refactored to use pairs

func (*IDMappings) RootPair

func (i *IDMappings) RootPair() IDPair

RootPair returns a uid and gid pair for the root user. The error is ignored because a root user always exists, and the defaults are correct when the uid and gid maps are empty.

func (*IDMappings) ToContainer

func (i *IDMappings) ToContainer(pair IDPair) (int, int, error)

ToContainer returns the container UID and GID for the host uid and gid

func (*IDMappings) ToHost

func (i *IDMappings) ToHost(pair IDPair) (IDPair, error)

ToHost returns the host UID and GID for the container uid, gid. Remapping is only performed if the ids aren't already the remapped root ids

func (*IDMappings) UIDs

func (i *IDMappings) UIDs() []IDMap

UIDs return the UID mapping TODO: remove this once everything has been refactored to use pairs

type IDPair

type IDPair struct {
	UID int
	GID int
}

IDPair is a UID and GID pair

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL