[lxc-users] Tool for shifting subuids and subgids

Bostjan Skufca bostjan at a2o.si
Mon Oct 12 12:27:38 UTC 2015 

Hi Teemu,

does this tool have a name?

IMHO it is missing -r switch that is present in uidmapshift.c (info about
existing uids, gids).

Additionally, uidmapshift can limit its scope of operation, and not just
directory-wise, but also by id-range. For example, if you run uidmapshift
on a directory with "-r 0 1000000 100000 /path/to/dir" arguments, and it
dies in the middle of the process for whatever reason, you can just rerun
the same command and the end result will be consistent, as it will not
touch UIDs above 100.000.
On the other hand, using your tool with arguments "0 1000000 /path/to/dir",
I will end up with some files in 1.000.000-1.100.000 and other files (that
were affected by both runs) in 2.000.000-2.100.000 UID/GID range.

Do not get me wrong, I managed to scr*w permissions with uidmapshift too,
but here the possibility of doing it is even greater.

My 2 cents,
b.

PS: Creating wrapper script that does one short repeated task for you might
seem better approach instead of rewriting uidmapshift's functionality in
python.


On 7 October 2015 at 13:24, <teemu.gronqvist at net9.fi> wrote:

> Hello everyone,
>
> Made this tool in the morning. It can be used to shift subuid and subgid
> maps of unprivleged containers easily to bigger or smaller range making
> migrations and things like that a whole lot easier. I’m not sure if LXD
> does this by default when migrating, but anyways yeah, it’s a good tool for
> plain LXC to say the least.
>
> It is very useful for our company so I thought that someone else might
> find it useful as well.
>
> Here’s the source for anyone interested: http://paste.ubuntu.com/12703540/
>
> This is based on the C version found at
> https://github.com/fcicq/nsexec/blob/master/uidmapshift.c but this one is
> instead programmed in Python needing no compiling etc.
>
> I have tested it a few times on a few folders but it might have some bugs,
> so maybe someone more experienced in Python than me might want to give it a
> look.
>
> Kind regards,
> Teemu Grönqvist
> Net9 Oy
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20151012/9cc72cb7/attachment.html>

More information about the lxc-users mailing list