Limited support for operating on images on macOS #811
rhatdan merged 2 commits into containers:main from
We need more changes to detect rootless in Darwin, but certainly #744 gets us closer. I'm going to rework this PR around Thanks!

@slp Are you still interested in this PR or should we close?

@rhatdan This PR needs a complete rework, and I honestly don't know when I'll be able to do that, so let's close this one for the moment.
We're going to need to reference containersOverrideXattr from idtools in the next commit. Since archive.go is already importing idtools.go, move containersOverrideXattr to the latter and make it public, so we don't need to alter the imports.

Signed-off-by: Sergio Lopez <slp@redhat.com>
Supporting macOS presents a number of challenges since the lack of user namespaces means that operations that alter the ownership or permissions on a file face harsh limitations, since they are requested by an unprivileged user that may need to potentially operate on arbitrary uids/gids.

To overcome these challenges, we rely on the existing "forceMask" feature to store the actual ownership and permission bits as an extended attribute entry on each file.

In addition to automatically enabling "forceMask" when running on macOS, we also need some minor changes to ensure the compatibility with this OS. The most significant is the fact that, on macOS, SafeLchmod and SafeChmod also operate on the extended attributes, to allow us to properly create the directories supporting the image.

With these changes in place, buildah is able to perform basic operations on OCI images, such as downloading the image, creating a working container, and removing them.

Signed-off-by: Sergio Lopez <slp@redhat.com>

@rhatdan @giuseppe I finally got around to reworking this PR. As suggested (thanks Giuseppe!) this PR now relies on the existing All the functional changes are gated behind runtime and build-time conditionals checking for "darwin", so other targets shouldn't be affected by this change. I also tried to keep the changes minimal to ensure no significant increase in the maintainership costs.

LGTM

Support managing images as an unprivileged user on macOS, by storing
user ownership and file mode bits as extended attributes. This is
mainly intended to be used on libkrun-based lightweight VMs, where its
virtio-fs implementation reads those attributes and translates them
for the Guest.

In this implementation, the decision to store those bits as
either extended attributes for virtio-fs or actual permission and
ownership values on the filesystem, is done by checking in-place if
the current operating system is "darwin" and uid != 0. This way, we
avoid the need to extend the interface by adding a new configuration
option. On the other hand, if it's found to be useful for other
systems, we should implement a proper tunable.

Signed-off-by: Sergio Lopez <slp@redhat.com>
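
As an added illustration (not code from this PR or from containers/storage), the sketch below shows the mechanism the commit messages describe: the gate on "darwin" and uid != 0, and a round trip of ownership and mode bits through an extended-attribute value that is validated when read back. The attribute name and the `uid:gid:mode` layout are assumptions, since the page names only `containersOverrideXattr`, and all Go identifiers here are hypothetical.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Assumed attribute name; the page gives only the Go identifier.
const overrideXattr = "user.containers.override_stat"

// OverrideStat holds the ownership and mode bits an image layer asked for.
type OverrideStat struct{ UID, GID, Mode uint32 }

// useOverride mirrors the gate in the PR description: darwin and uid != 0.
func useOverride(goos string, uid int) bool { return goos == "darwin" && uid != 0 }

// Encode renders the assumed "uid:gid:0<octal mode>" attribute value.
func (s OverrideStat) Encode() string {
	return fmt.Sprintf("%d:%d:0%o", s.UID, s.GID, s.Mode&0o7777)
}

// ParseOverrideStat validates a value read back from disk before it is trusted.
func ParseOverrideStat(v string) (OverrideStat, error) {
	f := strings.Split(v, ":")
	if len(f) != 3 {
		return OverrideStat{}, fmt.Errorf("want uid:gid:mode, got %q", v)
	}
	var n [3]uint64
	for i, base := range []int{10, 10, 8} {
		x, err := strconv.ParseUint(f[i], base, 32) // rejects signs, blanks, overflow
		if err != nil {
			return OverrideStat{}, fmt.Errorf("field %d of %q: %w", i, v, err)
		}
		n[i] = x
	}
	if n[2]&^0o7777 != 0 {
		return OverrideStat{}, fmt.Errorf("mode %#o carries file-type bits", n[2])
	}
	return OverrideStat{uint32(n[0]), uint32(n[1]), uint32(n[2])}, nil
}

func main() {
	want := OverrideStat{UID: 0, GID: 0, Mode: 0o4755} // constructed sample: root-owned setuid file
	fmt.Println(useOverride("darwin", 501), overrideXattr, "=", want.Encode())
	got, err := ParseOverrideStat(want.Encode())
	fmt.Println(got == want, err)
}
```

Because an unprivileged user can rewrite `user.*` attributes on files they own, whatever consumes these values has to treat them as untrusted input, which is why the parser rejects anything outside the three-field layout and the permission-bit mask.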