[lxc-devel] [lxd/master] shared/idmap: Skip empty subuid/subgid
stgraber on Github
lxc-bot at linuxcontainers.org
Tue Mar 31 01:06:07 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 354 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200330/43fab360/attachment.bin>
-------------- next part --------------
From 5510ab48c11f43c522274026e92ff0cebf7e807e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 30 Mar 2020 21:05:49 -0400
Subject: [PATCH] shared/idmap: Skip empty subuid/subgid
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
shared/idmap/idmapset_linux.go | 4 +++-
shared/util.go | 16 ++++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/shared/idmap/idmapset_linux.go b/shared/idmap/idmapset_linux.go
index 72c0c3bd60..9834f1a317 100644
--- a/shared/idmap/idmapset_linux.go
+++ b/shared/idmap/idmapset_linux.go
@@ -756,7 +756,9 @@ func DefaultIdmapSet(rootfs string, username string) (*IdmapSet, error) {
// Check if shadow's uidmap tools are installed
subuidPath := path.Join(rootfs, "/etc/subuid")
subgidPath := path.Join(rootfs, "/etc/subgid")
- if shared.PathExists(subuidPath) && shared.PathExists(subgidPath) {
+ subuidEmpty, _ := shared.FileIsEmpty(subuidPath)
+ subgidEmpty, _ := shared.FileIsEmpty(subgidPath)
+ if shared.PathExists(subuidPath) && shared.PathExists(subgidPath) && subuidEmpty && subgidEmpty {
// Parse the shadow uidmap
entries, err := getFromShadow(subuidPath, username)
if err != nil {
diff --git a/shared/util.go b/shared/util.go
index 4813aa62f4..e48cedbfe3 100644
--- a/shared/util.go
+++ b/shared/util.go
@@ -87,6 +87,22 @@ func PathIsEmpty(path string) (bool, error) {
return false, err
}
+// FileIsEmpty checks if the given file is empty.
+func FileIsEmpty(path string) (bool, error) {
+ f, err := os.Open(path)
+ if err != nil {
+ return false, err
+ }
+ defer f.Close()
+
+ stat, err := f.Stat()
+ if err != nil {
+ return false, err
+ }
+
+ return stat.Size() == 0, nil
+}
+
// IsDir returns true if the given path is a directory.
func IsDir(name string) bool {
stat, err := os.Stat(name)
More information about the lxc-devel
mailing list