stage1,tests: add support for non-numerical uid/gid #2159
Conversation
stage1/appexec/appexec.c
Outdated
| pexit_if((f = fopen(path, "r")) == NULL, "Unable to open \"%s\"", path); | ||
|
|
||
| while (getline(&line, &llen, f) != -1) { | ||
| s = strdup(line); |
There was a problem hiding this comment.
shouldn't s be free()'d when done?
|
Thanks for this work! All the parsing is done in C via
What do you think? |
|
I just thought I'd validate shortly before entering the Thanks for pointing out Structured and user-friendly errors are a good point. I'll be moving the validation to Go then. |
|
@monstermunchkin not sure what form it should take. I added a note in #2105. |
|
So, I have moved the validation to Please let me know what you think about the code. |
stage1/init/common/pod.go
Outdated
| if strings.HasPrefix(app.User, "/") { | ||
| var stat syscall.Stat_t | ||
| if err = syscall.Lstat(strings.Join([]string{common.AppRootfsPath(p.Root, appName), | ||
| app.User}, "/"), &stat); err != nil { |
There was a problem hiding this comment.
Why do you append a "/" at the end of the filename for lstat?
ditto for the groups below.
There was a problem hiding this comment.
This should be filepath.Join(common.AppRootfsPath(p.Root, appName), app.User).
There was a problem hiding this comment.
Oh right, I read filepath.Join instead of strings.Join. I agree that using filepath.Join is better in that case.
|
Thanks for the feedback, I did some changes. When using path-like uid/gid, The function prototypes of |
pkg/passwd/passwd_test.go
Outdated
| } | ||
|
|
||
| for i, tt := range tests { | ||
| g, err := parsePasswdLine(tt.line) |
|
One small change, then the code looks good to me. Can you add an entry in CHANGELOG.md? @krnowak can you review the changes in tests/functional.mk? |
|
Lemme see. |
| // This is a partial implementation for app.User and app.Group: | ||
| // For now, only numeric ids (and the string "root") are supported. | ||
| var uid, gid int | ||
| var _uid, gid int |
There was a problem hiding this comment.
Why prepending an underline to the uid variable?
There was a problem hiding this comment.
Otherwise it conflicts with the uid package since uid.NewBlankUidRange() is called shortly after. Are there any preferred naming rules in situations like these?
There was a problem hiding this comment.
Oh, I missed that. Ok, let's keep it like that then. I'm not aware of any rules for that.
stage1/init/common/pod.go
Outdated
| } | ||
| uidReal, _, err := uidRange.UnshiftRange(stat.Uid, 0) | ||
| if err != nil { | ||
| return errwrap.Wrap(fmt.Errorf("unable to determine real uid"), err) |
|
Some nitpicks, otherwise LFAD. |
The passwd package looks up given user name.
Allow looking up gids from a specified file. This makes gid validation easier.
Instead of relying on the caller to provide a Group struct which parseGroupLine then fills with data, a Group struct is created within the function and then returned. If the line is not parseable, an error is returned instead.
Add support for non-numerical uid/gid, as specified by appc. Uid/gid can be numerical, textual, or path-like. Resolves #1919
|
Thank you! LGTM. |
stage1,tests: add support for non-numerical uid/gid
Support for non-numerical uid/gid added, as specified by appc.
Resolves #1919