mirror of
https://github.com/containers/skopeo.git
synced 2025-08-30 03:52:47 +00:00
skopeo: create a userns when running rootless
Closes: https://github.com/containers/skopeo/issues/623 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
parent
ffa640c2b0
commit
ac85091ecd
@ -50,6 +50,7 @@ func copyCmd(global *globalOptions) cli.Command {
|
||||
`, strings.Join(transports.ListNames(), ", ")),
|
||||
ArgsUsage: "SOURCE-IMAGE DESTINATION-IMAGE",
|
||||
Action: commandAction(opts.run),
|
||||
Before: needsRexec,
|
||||
// FIXME: Do we need to namespace the GPG aspect?
|
||||
Flags: append(append(append([]cli.Flag{
|
||||
cli.StringSliceFlag{
|
||||
|
@ -24,8 +24,9 @@ func deleteCmd(global *globalOptions) cli.Command {
|
||||
image: imageOpts,
|
||||
}
|
||||
return cli.Command{
|
||||
Name: "delete",
|
||||
Usage: "Delete image IMAGE-NAME",
|
||||
Before: needsRexec,
|
||||
Name: "delete",
|
||||
Usage: "Delete image IMAGE-NAME",
|
||||
Description: fmt.Sprintf(`
|
||||
Delete an "IMAGE_NAME" from a transport
|
||||
|
||||
|
@ -62,6 +62,7 @@ func inspectCmd(global *globalOptions) cli.Command {
|
||||
Destination: &opts.raw,
|
||||
},
|
||||
}, sharedFlags...), imageFlags...),
|
||||
Before: needsRexec,
|
||||
Action: commandAction(opts.run),
|
||||
}
|
||||
}
|
||||
|
@ -32,6 +32,7 @@ func layersCmd(global *globalOptions) cli.Command {
|
||||
Name: "layers",
|
||||
Usage: "Get layers of IMAGE-NAME",
|
||||
ArgsUsage: "IMAGE-NAME [LAYER...]",
|
||||
Before: needsRexec,
|
||||
Hidden: true,
|
||||
Action: commandAction(opts.run),
|
||||
Flags: append(sharedFlags, imageFlags...),
|
||||
|
@ -99,7 +99,7 @@ func createApp() (*cli.App, *globalOptions) {
|
||||
}
|
||||
|
||||
// before is run by the cli package for any command, before running the command-specific handler.
|
||||
func (opts *globalOptions) before(_ *cli.Context) error {
|
||||
func (opts *globalOptions) before(ctx *cli.Context) error {
|
||||
if opts.debug {
|
||||
logrus.SetLevel(logrus.DebugLevel)
|
||||
}
|
||||
|
6
cmd/skopeo/unshare.go
Normal file
6
cmd/skopeo/unshare.go
Normal file
@ -0,0 +1,6 @@
|
||||
// +build !linux
|
||||
|
||||
package main
|
||||
|
||||
func maybeReexec() {
|
||||
}
|
7
cmd/skopeo/unshare_linux.go
Normal file
7
cmd/skopeo/unshare_linux.go
Normal file
@ -0,0 +1,7 @@
|
||||
package main
|
||||
|
||||
import "github.com/containers/buildah/pkg/unshare"
|
||||
|
||||
func maybeReexec() {
|
||||
unshare.MaybeReexecUsingUserNamespace(false)
|
||||
}
|
@ -16,6 +16,11 @@ type errorShouldDisplayUsage struct {
|
||||
error
|
||||
}
|
||||
|
||||
func needsRexec(c *cli.Context) error {
|
||||
maybeReexec()
|
||||
return nil
|
||||
}
|
||||
|
||||
// commandAction intermediates between the cli.ActionFunc interface and the real handler,
|
||||
// primarily to ensure that cli.Context is not available to the handler, which in turn
|
||||
// makes sure that the cli.String() etc. flag access functions are not used,
|
||||
|
Loading…
Reference in New Issue
Block a user