Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pkg/specgen: allow pasta when running inside userns #23961

Merged
merged 1 commit into from
Sep 17, 2024
Merged

pkg/specgen: allow pasta when running inside userns #23961

merged 1 commit into from
Sep 17, 2024

Conversation

Luap99
Copy link
Member

@Luap99 Luap99 commented Sep 16, 2024

pasta doesn't switch to nobody when we already run in a userns so we can use it there. The unshare package checks the same condition and returns true even if uid 0 in this case so we can directly call this.

ref #17840 (comment)

Does this PR introduce a user-facing change?

Allow the pasta network mode to be used when running as uid 0 but already ina userns (container).

@Luap99
pkg/specgen: allow pasta when running inside userns
91dbd6d 
pasta doesn't switch to nobody when we already run in a userns so we can
use it there. The unshare package checks the same condition and returns
true even if uid 0 in this case so we can directly call this.

ref containers#17840 (comment)

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@openshift-ci openshift-ci bot added release-note approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Sep 16, 2024
@Luap99
Copy link
Member Author

Luap99 commented Sep 16, 2024

cc @sbrivio-rh @dgibson

@vuori Can you test if this works for you?

@Luap99 Luap99 added the No New Tests Allow PR to proceed without adding regression tests label Sep 16, 2024
@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

1 similar comment
@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

@vuori
Copy link

vuori commented Sep 16, 2024

I'll try to get this tested Tue/Wed.

@sbrivio-rh sbrivio-rh mentioned this pull request Sep 16, 2024
Open
@dgibson
Copy link
Collaborator

dgibson commented Sep 17, 2024

LGTM

giuseppe
giuseppe approved these changes Sep 17, 2024
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Sep 17, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Sep 17, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe, Luap99

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 9da2336 into containers:main Sep 17, 2024
73 of 79 checks passed
@Luap99 Luap99 deleted the pasta-userns branch September 17, 2024 08:03
@vuori
Copy link

vuori commented Sep 17, 2024

Looks like I'm a bit late but anyway my problem with pasta inside a rootless container is fixed by this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@giuseppe giuseppe giuseppe approved these changes

Assignees

@giuseppe giuseppe

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. No New Tests Allow PR to proceed without adding regression tests release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Luap99 @vuori @dgibson @giuseppe