github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-08-31 22:28:33 +00:00
Code Issues Projects Releases Wiki Activity

skopeo: create a userns when running rootless

Browse Source 
Closes: https://github.com/containers/skopeo/issues/623

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2019-03-29 16:54:06 +01:00
parent ffa640c2b0
commit ac85091ecd
8 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/skopeo/copy.go
View File

@@ -50,6 +50,7 @@ func copyCmd(global *globalOptions) cli.Command {
`, strings.Join(transports.ListNames(), ", ")), `, strings.Join(transports.ListNames(), ", ")),
ArgsUsage: "SOURCE-IMAGE DESTINATION-IMAGE", ArgsUsage: "SOURCE-IMAGE DESTINATION-IMAGE",
Action: commandAction(opts.run), Action: commandAction(opts.run),
Before: needsRexec,
// FIXME: Do we need to namespace the GPG aspect? // FIXME: Do we need to namespace the GPG aspect?
Flags: append(append(append([]cli.Flag{ Flags: append(append(append([]cli.Flag{
cli.StringSliceFlag{ cli.StringSliceFlag{

1
cmd/skopeo/delete.go
View File

@@ -24,6 +24,7 @@ func deleteCmd(global *globalOptions) cli.Command {
image: imageOpts, image: imageOpts,
} }
return cli.Command{ return cli.Command{
Before: needsRexec,
Name: "delete", Name: "delete",
Usage: "Delete image IMAGE-NAME", Usage: "Delete image IMAGE-NAME",
Description: fmt.Sprintf(` Description: fmt.Sprintf(`

1
cmd/skopeo/inspect.go
View File

@@ -62,6 +62,7 @@ func inspectCmd(global *globalOptions) cli.Command {
Destination: &opts.raw, Destination: &opts.raw,
}, },
}, sharedFlags...), imageFlags...), }, sharedFlags...), imageFlags...),
Before: needsRexec,
Action: commandAction(opts.run), Action: commandAction(opts.run),
} }
} }

1
cmd/skopeo/layers.go
View File

@@ -32,6 +32,7 @@ func layersCmd(global *globalOptions) cli.Command {
Name: "layers", Name: "layers",
Usage: "Get layers of IMAGE-NAME", Usage: "Get layers of IMAGE-NAME",
ArgsUsage: "IMAGE-NAME [LAYER...]", ArgsUsage: "IMAGE-NAME [LAYER...]",
Before: needsRexec,
Hidden: true, Hidden: true,
Action: commandAction(opts.run), Action: commandAction(opts.run),
Flags: append(sharedFlags, imageFlags...), Flags: append(sharedFlags, imageFlags...),

2
cmd/skopeo/main.go
View File

@@ -99,7 +99,7 @@ func createApp() (*cli.App, *globalOptions) {
} }
// before is run by the cli package for any command, before running the command-specific handler. // before is run by the cli package for any command, before running the command-specific handler.
func (opts *globalOptions) before(_ *cli.Context) error { func (opts *globalOptions) before(ctx *cli.Context) error {
if opts.debug { if opts.debug {
logrus.SetLevel(logrus.DebugLevel) logrus.SetLevel(logrus.DebugLevel)
} }

6
cmd/skopeo/unshare.go Normal file
View File

@@ -0,0 +1,6 @@
// +build !linux
package main
func maybeReexec() {
}

7
cmd/skopeo/unshare_linux.go Normal file
View File

@@ -0,0 +1,7 @@
package main
import "github.com/containers/buildah/pkg/unshare"
func maybeReexec() {
unshare.MaybeReexecUsingUserNamespace(false)
}

5
cmd/skopeo/utils.go
View File

@@ -16,6 +16,11 @@ type errorShouldDisplayUsage struct {
error error
} }
func needsRexec(c *cli.Context) error {
maybeReexec()
return nil
}
// commandAction intermediates between the cli.ActionFunc interface and the real handler, // commandAction intermediates between the cli.ActionFunc interface and the real handler,
// primarily to ensure that cli.Context is not available to the handler, which in turn // primarily to ensure that cli.Context is not available to the handler, which in turn
// makes sure that the cli.String() etc. flag access functions are not used, // makes sure that the cli.String() etc. flag access functions are not used,