Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix docker crash when creating namespaces with UID in /etc/subuid and /etc/subgid #39764

Merged
merged 1 commit into from Nov 8, 2019

Conversation

@yongtang
Copy link
Member

yongtang commented Aug 18, 2019

This fix tries to address the issue raised in #39353 where docker crash when creating namespaces with UID in /etc/subuid and /etc/subgid.

The issue was that, mapping to /etc/sub[u,g]id in docker does not allow numeric ID.

This fix fixes the issue by probing other combinations (uid:groupname, username:gid, uid:gid) when normal username:groupname fails.

This fix fixes #39353.

Signed-off-by: Yong Tang yong.tang.github@outlook.com

@thaJeztah

This comment has been minimized.

Copy link
Member

thaJeztah commented Aug 18, 2019

wondering if we should do all this magic, or just detect numeric IDs and produce an informative error that username should be used 🤔

@yongtang

This comment has been minimized.

Copy link
Member Author

yongtang commented Aug 18, 2019

@thaJeztah Not sure if we want to ask user to change /etc/subuid and /etc/subgid file (which might be used by some other systems outside of docker). But I can certainly update the PR to only change the error message if it is desired.

Copy link
Member

tonistiigi left a comment

SGTM

cc @AkihiroSuda

@andrewhsu

This comment has been minimized.

Copy link
Contributor

andrewhsu commented Nov 7, 2019

needs a rebase to get the new jenkinsfile to run today's PR checks. triggering of old jenkins job will not work anymore

… /etc/subgid

This fix tries to address the issue raised in 39353 where
docker crash when creating namespaces with UID in /etc/subuid and /etc/subgid.

The issue was that, mapping to `/etc/sub[u,g]id` in docker does not
allow numeric ID.

This fix fixes the issue by probing other combinations (uid:groupname, username:gid, uid:gid)
when normal username:groupname fails.

This fix fixes 39353.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
@yongtang yongtang force-pushed the yongtang:39353-subgid-subuid branch from 9969519 to f09dc2f Nov 7, 2019
@yongtang

This comment has been minimized.

Copy link
Member Author

yongtang commented Nov 7, 2019

Rebased and all tests passed. Thanks all 🎉 !

@thaJeztah thaJeztah merged commit 1a88e02 into moby:master Nov 8, 2019
2 checks passed
2 checks passed
DCO DCO
Details
continuous-integration/jenkins/pr-merge This commit looks good
Details
@thaJeztah

This comment has been minimized.

Copy link
Member

thaJeztah commented Nov 8, 2019

Thanks!

@yongtang yongtang deleted the yongtang:39353-subgid-subuid branch Nov 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.