Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[5.2-rhel] libpod: fix volume copyup with idmap | convert owner IDs only with :idmap #24591

Open
wants to merge 3 commits into
base: v5.2-rhel
Choose a base branch
from
Open

[5.2-rhel] libpod: fix volume copyup with idmap | convert owner IDs only with :idmap #24591

wants to merge 3 commits into from

Conversation

giuseppe
Copy link
Member

@giuseppe giuseppe commented Nov 18, 2024
edited
Loading

giuseppe and others added 2 commits November 18, 2024 12:20
@giuseppe
libpod: fix volume copyup with idmap
b7c7726 
if idmap is specified for a volume, reverse the mappings when copying
up from the container, so that the original permissions are maintained.

Closes: containers#23467

Signed-off-by: Giuseppe Scrivano <[email protected]>
(cherry picked from commit 3ae1568)
@edsantiago @giuseppe
CI: enable root user namespaces
6057aef 
Signed-off-by: Ed Santiago <[email protected]>
(cherry picked from commit 7bb3b83)
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 18, 2024

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci bot added the do-not-merge/release-note-label-needed Enforce release-note requirement, even if just None label Nov 18, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 18, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Nov 18, 2024
@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

@giuseppe giuseppe marked this pull request as draft November 18, 2024 11:31
@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Nov 18, 2024
@giuseppe giuseppe marked this pull request as ready for review November 18, 2024 11:31
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Nov 18, 2024
@Luap99
Copy link
Member

Luap99 commented Nov 18, 2024

@TomSweeneyRedHat Do we need z-stream backport request cards before merging?

@TomSweeneyRedHat
Copy link
Member

@Luap99 at this point, we don't need a Zstream card for 5.2, since 5.2 is top of tree in RHEL and this is a backport from main, we can just fix it with the existing Jira card. Good question though, you made me think for a bit.

@giuseppe
libpod: convert owner IDs only with :idmap
d3fbb51 
convert the owner UID and GID into the user namespace only when
":idmap" mount is used.

This changes the behaviour of :idmap with an empty volume.  Now the
existing directory ownership is copied up as in the other case.

Closes: containers#23347
Closes: https://issues.redhat.com/browse/RHEL-67842

Signed-off-by: Giuseppe Scrivano <[email protected]>
(cherry picked from commit 4323252)
Signed-off-by: Giuseppe Scrivano <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/release-note-label-needed Enforce release-note requirement, even if just None
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@giuseppe @Luap99 @TomSweeneyRedHat @edsantiago