podman/libpod
Giuseppe Scrivano 68185048cf
oci_conmon: not make accessible dirs if not needed
Do not change the permissions mask for the rundir and the tmpdir when
running a container with a user namespace and the current user is
mapped inside the user namespace.

The change was introduced with 849548ffb8, which dropped the
intermediate mount namespace in favor of allowing root into the user
namespace to access these directories.

Closes: https://github.com/containers/libpod/issues/4846

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2020-01-14 14:45:14 +01:00
common Set blob cache directory based on GraphDriver 2019-03-29 08:27:33 -04:00
config fix lint - drop else block 2020-01-08 15:44:21 +01:00
define Add ContainerStateRemoving 2019-11-19 15:38:03 -05:00
driver remove MergeDir from inspect result if not mounted 2019-08-13 15:13:20 -04:00
events make lint: enable gocritic 2020-01-13 14:27:02 +01:00
image Merge pull request #4850 from vrothberg/fix-linting 2020-01-13 21:03:21 +01:00
layers Initial checkin from CRI-O repo 2017-11-01 11:24:59 -04:00
lock codespell: spelling corrections 2019-11-13 08:15:00 +11:00
logs make lint: enable gocritic 2020-01-13 14:27:02 +01:00
boltdb_state.go codespell: spelling corrections 2019-11-13 08:15:00 +11:00
boltdb_state_internal.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
boltdb_state_linux.go Error on netns not exist only when ctr is running 2019-11-19 15:38:03 -05:00
boltdb_state_unsupported.go podman-remote inspect 2019-01-18 15:43:11 -06:00
common_test.go add libpod/config 2019-10-31 17:42:37 +01:00
container.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container.log.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container_api.go if container is not in a pid namespace, stop all processes 2019-12-19 13:33:17 -05:00
container_commit.go Initial commit on compatible API 2020-01-10 09:41:39 -06:00
container_graph.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container_graph_test.go generate systemd: support pods and generating files 2019-08-21 17:28:30 +02:00
container_inspect.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container_internal.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container_internal_linux.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
container_internal_test.go Potentially breaking: Make hooks sort order locale-independent 2019-04-09 21:08:44 +02:00
container_internal_unsupported.go When restoring containers, reset cgroup path 2019-10-10 14:53:29 -04:00
container_linux.go Do not fetch pod and ctr State on retrieval in Bolt 2018-07-31 14:19:50 +00:00
container_log_linux.go logs: support --tail 0 2019-10-31 19:55:36 +01:00
container_log_unsupported.go libpod removal from main (phase 2) 2019-06-27 07:56:24 -05:00
container_top_linux.go Add support for launching containers without CGroups 2019-09-10 10:52:37 -04:00
container_top_unsupported.go libpod removal from main (phase 2) 2019-06-27 07:56:24 -05:00
container_unsupported.go Do not fetch pod and ctr State on retrieval in Bolt 2018-07-31 14:19:50 +00:00
diff.go Correctly export the root file-system changes 2019-12-09 13:29:36 +01:00
events.go get last container event 2019-07-07 08:54:20 -05:00
healthcheck.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
healthcheck_linux.go golangci-lint pass number 2 2019-07-11 09:13:06 -05:00
healthcheck_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
in_memory_state.go add libpod/config 2019-10-31 17:42:37 +01:00
info.go Merge pull request #4220 from mheon/null_runtime 2019-10-11 20:55:37 +02:00
kube.go Merge pull request #4850 from vrothberg/fix-linting 2020-01-13 21:03:21 +01:00
mounts_linux.go set root propagation based on volume properties 2018-11-26 13:55:02 +01:00
networking_linux.go Merge pull request #4853 from mheon/do_not_configure_with_slirp 2020-01-13 20:51:38 +01:00
networking_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
oci.go Reap exec sessions on cleanup and removal 2019-12-12 16:35:37 -05:00
oci_attach_linux.go Allow users to disable detach keys 2019-11-05 14:10:43 -05:00
oci_attach_linux_cgo.go Implement conmon exec 2019-07-22 15:57:23 -04:00
oci_attach_linux_nocgo.go Implement conmon exec 2019-07-22 15:57:23 -04:00
oci_attach_unsupported.go Implement conmon exec 2019-07-22 15:57:23 -04:00
oci_conmon_linux.go oci_conmon: not make accessible dirs if not needed 2020-01-14 14:45:14 +01:00
oci_conmon_unsupported.go add libpod/config 2019-10-31 17:42:37 +01:00
oci_missing.go Reap exec sessions on cleanup and removal 2019-12-12 16:35:37 -05:00
oci_util.go libpod: fix case for executable file not found errors 2019-12-02 18:03:33 +01:00
options.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
pod.go Allow customizing pod hostname 2019-08-18 03:48:40 +00:00
pod_api.go if container is not in a pid namespace, stop all processes 2019-12-19 13:33:17 -05:00
pod_internal.go add libpod/config 2019-10-31 17:42:37 +01:00
pod_top_linux.go libpod removal from main (phase 2) 2019-06-27 07:56:24 -05:00
pod_top_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
reset.go Add podman system reset command 2019-11-29 05:34:52 -05:00
runtime.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
runtime_cstorage.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
runtime_ctr.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
runtime_img.go Initial commit on compatible API 2020-01-10 09:41:39 -06:00
runtime_img_test.go switch projectatomic to containers 2018-08-16 17:12:36 +00:00
runtime_migrate.go Migrate can move containers to a new runtime 2019-10-10 10:25:06 -04:00
runtime_migrate_unsupported.go Add podman system reset command 2019-11-29 05:34:52 -05:00
runtime_pod.go remove libpod from main 2019-06-25 13:51:24 -05:00
runtime_pod_infra_linux.go rootless: Rearrange setup of rootless containers 2019-09-24 11:01:28 +02:00
runtime_pod_linux.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
runtime_pod_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
runtime_renumber.go Re-add locks to volumes. 2019-08-28 11:35:00 -04:00
runtime_volume.go codespell: spelling corrections 2019-11-13 08:15:00 +11:00
runtime_volume_linux.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
runtime_volume_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
state.go add libpod/config 2019-10-31 17:42:37 +01:00
state_test.go add libpod/config 2019-10-31 17:42:37 +01:00
stats.go stats: fix calculation for the CPU time 2019-11-02 20:11:19 +01:00
stats_config.go changes to allow for darwin compilation 2018-06-29 20:44:09 +00:00
stats_unsupported.go remove libpod from main 2019-06-25 13:51:24 -05:00
storage.go bump containers/image to v5.0.0, buildah to v1.11.4 2019-10-29 13:35:18 -04:00
util.go Add ContainerStateRemoving 2019-11-19 15:38:03 -05:00
util_linux.go rm: add containers eviction with rm --force 2019-09-25 19:44:38 +02:00
util_test.go Stage3 Image Library 2018-03-14 20:21:31 +00:00
util_unsupported.go rm: add containers eviction with rm --force 2019-09-25 19:44:38 +02:00
volume.go When first mounting any named volume, copy up 2019-09-09 17:17:39 -04:00
volume_inspect.go Show volume options in 'volume inspect' 2019-10-18 13:42:31 -04:00
volume_internal.go Ensure volumes reacquire locks on state refresh 2019-12-02 23:06:00 -05:00
volume_internal_linux.go make lint: enable gocritic 2020-01-13 14:27:02 +01:00
volume_internal_unsupported.go Add ability for volumes with options to mount/umount 2019-09-05 17:12:27 -04:00