Message ID | 20230203143545.23689-1-gniebler@suse.com (mailing list archive) |
---|---|
State | New, archived |
Series | common: Do not chown ro mountpoint when creating idmapped mount |

On Fri, Feb 03, 2023 at 03:35:45PM +0100, Gabriel Niebler wrote:
> The function _idmapped_mount tries to change the ownership of the mountpoint
> for which it aims to create an idmapped mount, to ensure that the mapped UID
> and GID can actually create objects within it. Some tests set up a read-only
> mount, however, which lets the chown call fail. This patch fixes the
> function to check whether the mount is read-only and skip the chown, if so.
>
> Signed-off-by: Gabriel Niebler <gniebler@suse.com>
> ---

Looks good to me,
Reviewed-by: Christian Brauner <brauner@kernel.org>

Thanks for fixing this!

diff --git a/common/rc b/common/rc index 81ce1026..19ab8062 100644 --- a/common/rc +++ b/common/rc @@ -414,8 +414,11 @@ _idmapped_mount() # We create an idmapped mount where {g,u}id 0 writes to disk as # {g,u}id 10000000 and $(id -u fsgqa) + 10000000. We change ownership - # of $mnt so {g,u} id 0 can actually create objects in there. - chown 10000000:10000000 $mnt || return 1 + # of $mnt, provided it's not read-only, so {g,u} id 0 can actually + # create objects in there. + if [[ "$mount_rec" != *"ro,"* && "$mount_rec" != *",ro"* ]]; then + chown 10000000:10000000 $mnt || return 1 + fi $here/src/vfs/mount-idmapped \ --map-mount b:10000000:0:100000000000 \ $mnt $tmp
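
Review bot: the read-only test in the new `if` around the chown matches substrings of `$mount_rec`, not whole mount options, so it can misfire in both directions. `*",ro"*` is also true for any option that merely begins with "ro" (for example `rootcontext=`), and `*"ro,"*` for any option that ends in "ro" (for example ext4's `errors=remount-ro`) or for a device or mountpoint path containing that text; on such a read-write mount the chown is skipped without any message and the mapped ids may then be unable to create objects in `$mnt`. In the other direction, a record where `ro` is the only option has no adjacent comma, so neither pattern matches and the chown still fails as before. How `$mount_rec` is populated is not visible in this hunk, so the exact exposure depends on its format. Suggest isolating the option field, splitting it on commas and comparing each element to `ro` exactly, and adding a short comment saying which record format the check expects.
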
The function _idmapped_mount tries to change the ownership of the mountpoint
for which it aims to create an idmapped mount, to ensure that the mapped UID
and GID can actually create objects within it. Some tests set up a read-only
mount, however, which lets the chown call fail. This patch fixes the
function to check whether the mount is read-only and skip the chown, if so.

Signed-off-by: Gabriel Niebler <gniebler@suse.com>
---
 common/rc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)