-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[5.2-rhel] libpod: fix volume copyup with idmap | convert owner IDs only with :idmap #24591
[5.2-rhel] libpod: fix volume copyup with idmap | convert owner IDs only with :idmap #24591
Conversation
Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Ephemeral COPR build failed. @containers/packit-build please check. |
@TomSweeneyRedHat Do we need z-stream backport request cards before merging? |
@Luap99 at this point, we don't need a Zstream card for 5.2, since 5.2 is top of tree in RHEL and this is a backport from main, we can just fix it with the existing Jira card. Good question though, you made me think for a bit. |
f1b1112
to
d3fbb51
Compare
A friendly reminder that this PR had no activity for 30 days. |
CI is failing. What the state here can/should this still be merged? |
no idea if we still need this. @TomSweeneyRedHat do we need this PR or can I close it? |
This fixes an issue in the current release of Podman on RHEL and should be fixed if at all possible. I'm not sure what's going on with the tests here. It's not a busy repository. I'll throw up a test PR to see if it's something outside of this PR or not. Created: #24990 |
This repo hasn't been added to in a while and containers#24591 is failing when it builds. I'm adding this doc only change to test if it's an underlying problem with the tests in this repo, or something in the new PR. DO NOT MERGE. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This isn't testing anything anymore as we dropped all functional tests per our discussion last year: #24355 So technically a rebase will make this work. Looking at the tests I see "failed to create idmapped mount: invalid argument" is matched to skip the test when the fs does not support idmap we however got "failed to create idmapped mount: operation not permitted". I guess the second case also means idmap is simply not supported, not sure why the errno is different there though. Anyway of the goal is to merge this reabse is enough and then I guess RHEL QE must verify these bugs anyway |
if idmap is specified for a volume, reverse the mappings when copying up from the container, so that the original permissions are maintained. Closes: containers#23467 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit 3ae1568)
Signed-off-by: Ed Santiago <santiago@redhat.com> (cherry picked from commit 7bb3b83)
convert the owner UID and GID into the user namespace only when ":idmap" mount is used. This changes the behaviour of :idmap with an empty volume. Now the existing directory ownership is copied up as in the other case. Closes: containers#23347 Closes: https://issues.redhat.com/browse/RHEL-67842 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> (cherry picked from commit 4323252) Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
d3fbb51
to
b00c7f2
Compare
rebased |
LGTM |
please merge, it is also needed for: https://issues.redhat.com/browse/RHEL-73592 |
/lgtm |
@TomSweeneyRedHat PTAL |
LGTM |
/lgtm |
76d1690
into
containers:v5.2-rhel
backport of:
Fixes: https://issues.redhat.com/browse/RHEL-67842