From 50b639d8bf346653bdaf54557fb96b64339a1aec Mon Sep 17 00:00:00 2001 From: Felix Abecassis Date: Wed, 25 Apr 2018 14:28:13 -0700 Subject: [PATCH 1/3] doc: fix typo for umoci-raw-runtime-config(1) Signed-off-by: Felix Abecassis --- doc/man/umoci-raw-runtime-config.1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man/umoci-raw-runtime-config.1.md b/doc/man/umoci-raw-runtime-config.1.md index 534d00dce..84c622bf2 100644 --- a/doc/man/umoci-raw-runtime-config.1.md +++ b/doc/man/umoci-raw-runtime-config.1.md @@ -70,7 +70,7 @@ operations that necessitate it. ``` % skopeo copy docker://opensuse/amd64:42.2 oci:image:latest # umoci unpack --image image bundle -% umoci raw runtime-generate --image image --rootfs bundle/rootfs config.json +% umoci raw runtime-config --image image --rootfs bundle/rootfs config.json ``` # SEE ALSO From 16e1bcb4883000171822fa381adee6c8f387c662 Mon Sep 17 00:00:00 2001 From: Felix Abecassis Date: Wed, 25 Apr 2018 14:35:48 -0700 Subject: [PATCH 2/3] raw-runtime-config: fix the default rootless ID mapping d829321c modified the idtools package and therefore default mapping used by unpack, but raw-runtime-config still used the previous format. Signed-off-by: Felix Abecassis --- cmd/umoci/raw-runtime-config.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/umoci/raw-runtime-config.go b/cmd/umoci/raw-runtime-config.go index 2c57ba9f7..6a9b9152d 100644 --- a/cmd/umoci/raw-runtime-config.go +++ b/cmd/umoci/raw-runtime-config.go @@ -96,10 +96,10 @@ func rawConfig(ctx *cli.Context) error { meta.MapOptions.Rootless = ctx.Bool("rootless") if meta.MapOptions.Rootless { if !ctx.IsSet("uid-map") { - ctx.Set("uid-map", fmt.Sprintf("%d:0:1", os.Geteuid())) + ctx.Set("uid-map", fmt.Sprintf("0:%d:1", os.Geteuid())) } if !ctx.IsSet("gid-map") { - ctx.Set("gid-map", fmt.Sprintf("%d:0:1", os.Getegid())) + ctx.Set("gid-map", fmt.Sprintf("0:%d:1", os.Getegid())) } } // Parse and set up the mapping options. From db65f26f41ebe26a78c70de70958951aa363440b Mon Sep 17 00:00:00 2001 From: Felix Abecassis Date: Thu, 26 Apr 2018 17:10:54 -0700 Subject: [PATCH 3/3] cmd: refactor handling of ID mapping Signed-off-by: Felix Abecassis --- cmd/umoci/raw-runtime-config.go | 49 ++++--------------------------- cmd/umoci/unpack.go | 52 ++++----------------------------- cmd/umoci/utils.go | 39 +++++++++++++++++++++++++ cmd/umoci/utils_ux.go | 19 ++++++++++++ 4 files changed, 69 insertions(+), 90 deletions(-) diff --git a/cmd/umoci/raw-runtime-config.go b/cmd/umoci/raw-runtime-config.go index 6a9b9152d..7f03b88b6 100644 --- a/cmd/umoci/raw-runtime-config.go +++ b/cmd/umoci/raw-runtime-config.go @@ -25,14 +25,13 @@ import ( "github.com/openSUSE/umoci/oci/cas/dir" "github.com/openSUSE/umoci/oci/casext" "github.com/openSUSE/umoci/oci/layer" - "github.com/openSUSE/umoci/pkg/idtools" ispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "github.com/urfave/cli" "golang.org/x/net/context" ) -var rawConfigCommand = cli.Command{ +var rawConfigCommand = uxRemap(cli.Command{ Name: "runtime-config", Aliases: []string{"config"}, Usage: "generates an OCI runtime configuration for an image", @@ -51,18 +50,6 @@ Note that the results of this may not agree with umoci-unpack(1) because the Category: "image", Flags: []cli.Flag{ - cli.StringSliceFlag{ - Name: "uid-map", - Usage: "specifies a uid mapping to use when generating config", - }, - cli.StringSliceFlag{ - Name: "gid-map", - Usage: "specifies a gid mapping to use when generating config", - }, - cli.BoolFlag{ - Name: "rootless", - Usage: "generate rootless configuration", - }, cli.StringFlag{ Name: "rootfs", Usage: "path to secondary source of truth (root filesystem)", @@ -81,7 +68,7 @@ Note that the results of this may not agree with umoci-unpack(1) because the ctx.App.Metadata["config"] = ctx.Args().First() return nil }, -} +}) func rawConfig(ctx *cli.Context) error { imagePath := ctx.App.Metadata["--image-path"].(string) @@ -91,38 +78,12 @@ func rawConfig(ctx *cli.Context) error { var meta UmociMeta meta.Version = UmociMetaVersion - // Parse map options. - // We need to set mappings if we're in rootless mode. - meta.MapOptions.Rootless = ctx.Bool("rootless") - if meta.MapOptions.Rootless { - if !ctx.IsSet("uid-map") { - ctx.Set("uid-map", fmt.Sprintf("0:%d:1", os.Geteuid())) - } - if !ctx.IsSet("gid-map") { - ctx.Set("gid-map", fmt.Sprintf("0:%d:1", os.Getegid())) - } - } // Parse and set up the mapping options. - for _, uidmap := range ctx.StringSlice("uid-map") { - idMap, err := idtools.ParseMapping(uidmap) - if err != nil { - return errors.Wrapf(err, "failure parsing --uid-map %s: %s", uidmap) - } - meta.MapOptions.UIDMappings = append(meta.MapOptions.UIDMappings, idMap) - } - for _, gidmap := range ctx.StringSlice("gid-map") { - idMap, err := idtools.ParseMapping(gidmap) - if err != nil { - return errors.Wrapf(err, "failure parsing --gid-map %s: %s", gidmap) - } - meta.MapOptions.GIDMappings = append(meta.MapOptions.GIDMappings, idMap) + err := parseIdmapOptions(&meta, ctx) + if err != nil { + return err } - log.WithFields(log.Fields{ - "map.uid": meta.MapOptions.UIDMappings, - "map.gid": meta.MapOptions.GIDMappings, - }).Debugf("parsed mappings") - // Get a reference to the CAS. engine, err := dir.Open(imagePath) if err != nil { diff --git a/cmd/umoci/unpack.go b/cmd/umoci/unpack.go index 03631cea5..5b981035d 100644 --- a/cmd/umoci/unpack.go +++ b/cmd/umoci/unpack.go @@ -27,14 +27,13 @@ import ( "github.com/openSUSE/umoci/oci/casext" "github.com/openSUSE/umoci/oci/layer" "github.com/openSUSE/umoci/pkg/fseval" - "github.com/openSUSE/umoci/pkg/idtools" ispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "github.com/urfave/cli" "golang.org/x/net/context" ) -var unpackCommand = cli.Command{ +var unpackCommand = uxRemap(cli.Command{ Name: "unpack", Usage: "unpacks a reference into an OCI runtime bundle", ArgsUsage: `--image [:] @@ -50,20 +49,7 @@ creation with umoci-repack(1).`, // unpack reads manifest information. Category: "image", - Flags: []cli.Flag{ - cli.StringSliceFlag{ - Name: "uid-map", - Usage: "specifies a uid mapping to use when repacking (container:host:size)", - }, - cli.StringSliceFlag{ - Name: "gid-map", - Usage: "specifies a gid mapping to use when repacking (container:host:size)", - }, - cli.BoolFlag{ - Name: "rootless", - Usage: "enable rootless unpacking support", - }, - }, + Flags: []cli.Flag{}, Action: unpack, @@ -77,7 +63,7 @@ creation with umoci-repack(1).`, ctx.App.Metadata["bundle"] = ctx.Args().First() return nil }, -} +}) func unpack(ctx *cli.Context) error { imagePath := ctx.App.Metadata["--image-path"].(string) @@ -87,38 +73,12 @@ func unpack(ctx *cli.Context) error { var meta UmociMeta meta.Version = UmociMetaVersion - // Parse map options. - // We need to set mappings if we're in rootless mode. - meta.MapOptions.Rootless = ctx.Bool("rootless") - if meta.MapOptions.Rootless { - if !ctx.IsSet("uid-map") { - ctx.Set("uid-map", fmt.Sprintf("0:%d:1", os.Geteuid())) - } - if !ctx.IsSet("gid-map") { - ctx.Set("gid-map", fmt.Sprintf("0:%d:1", os.Getegid())) - } - } // Parse and set up the mapping options. - for _, uidmap := range ctx.StringSlice("uid-map") { - idMap, err := idtools.ParseMapping(uidmap) - if err != nil { - return errors.Wrapf(err, "failure parsing --uid-map %s: %s", uidmap) - } - meta.MapOptions.UIDMappings = append(meta.MapOptions.UIDMappings, idMap) - } - for _, gidmap := range ctx.StringSlice("gid-map") { - idMap, err := idtools.ParseMapping(gidmap) - if err != nil { - return errors.Wrapf(err, "failure parsing --gid-map %s: %s", gidmap) - } - meta.MapOptions.GIDMappings = append(meta.MapOptions.GIDMappings, idMap) + err := parseIdmapOptions(&meta, ctx) + if err != nil { + return err } - log.WithFields(log.Fields{ - "map.uid": meta.MapOptions.UIDMappings, - "map.gid": meta.MapOptions.GIDMappings, - }).Debugf("parsed mappings") - // Get a reference to the CAS. engine, err := dir.Open(imagePath) if err != nil { diff --git a/cmd/umoci/utils.go b/cmd/umoci/utils.go index 84c57c928..ae0250118 100644 --- a/cmd/umoci/utils.go +++ b/cmd/umoci/utils.go @@ -32,8 +32,10 @@ import ( "github.com/openSUSE/umoci/oci/casext" igen "github.com/openSUSE/umoci/oci/config/generate" "github.com/openSUSE/umoci/oci/layer" + "github.com/openSUSE/umoci/pkg/idtools" ispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" + "github.com/urfave/cli" "github.com/vbatts/go-mtree" "golang.org/x/net/context" ) @@ -280,3 +282,40 @@ func generateBundleManifest(mtreeName string, bundlePath string, fsEval mtree.Fs return nil } + +// parseIdmapOptions sets up the mapping options for UmociMeta, using +// the arguments specified on the command line +func parseIdmapOptions(meta *UmociMeta, ctx *cli.Context) error { + // We need to set mappings if we're in rootless mode. + meta.MapOptions.Rootless = ctx.Bool("rootless") + if meta.MapOptions.Rootless { + if !ctx.IsSet("uid-map") { + ctx.Set("uid-map", fmt.Sprintf("0:%d:1", os.Geteuid())) + } + if !ctx.IsSet("gid-map") { + ctx.Set("gid-map", fmt.Sprintf("0:%d:1", os.Getegid())) + } + } + + for _, uidmap := range ctx.StringSlice("uid-map") { + idMap, err := idtools.ParseMapping(uidmap) + if err != nil { + return errors.Wrapf(err, "failure parsing --uid-map %s: %s", uidmap) + } + meta.MapOptions.UIDMappings = append(meta.MapOptions.UIDMappings, idMap) + } + for _, gidmap := range ctx.StringSlice("gid-map") { + idMap, err := idtools.ParseMapping(gidmap) + if err != nil { + return errors.Wrapf(err, "failure parsing --gid-map %s: %s", gidmap) + } + meta.MapOptions.GIDMappings = append(meta.MapOptions.GIDMappings, idMap) + } + + log.WithFields(log.Fields{ + "map.uid": meta.MapOptions.UIDMappings, + "map.gid": meta.MapOptions.GIDMappings, + }).Debugf("parsed mappings") + + return nil +} diff --git a/cmd/umoci/utils_ux.go b/cmd/umoci/utils_ux.go index 236614d03..4823e3751 100644 --- a/cmd/umoci/utils_ux.go +++ b/cmd/umoci/utils_ux.go @@ -212,3 +212,22 @@ func uxLayout(cmd cli.Command) cli.Command { return cmd } + +func uxRemap(cmd cli.Command) cli.Command { + cmd.Flags = append(cmd.Flags, []cli.Flag{ + cli.StringSliceFlag{ + Name: "uid-map", + Usage: "specifies a uid mapping to use (container:host:size)", + }, + cli.StringSliceFlag{ + Name: "gid-map", + Usage: "specifies a gid mapping to use (container:host:size)", + }, + cli.BoolFlag{ + Name: "rootless", + Usage: "enable rootless command support", + }, + }...) + + return cmd +}