You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The libcontainer methods for reading users, etc. currently only reads from /etc/passwd and /etc/group, however on Ubuntu Core devices (also yocto sometimes) it is desirably to also read the /var/lib/extrausers/passwd and /var/lib/extrausers/group files as well (from the pam_extrausers package in Ubuntu), as the /etc/passwd and /etc/group files are read-only and so any new users are added to the extrausers files instead of the /etc/passwd and /etc/group files.
I'm not sure what the design for this would look like, but it would be nice if the API that returns a io.Reader for the User/Group files (such as GetPasswd and GetGroup) just "auto-magically" included the /var/lib/extrausers files at the end of the /etc/passwd files via io.MultiReader. The *Path methods probably would have to remain the same behavior for backwards compatibility, but perhaps new methods returning a list of strings could be used to return all of the files if they exist?
I would be willing to submit a PR changing GetPasswd and GetGroup to include the extrausers patch if folks think this is a reasonable thing to do.
The text was updated successfully, but these errors were encountered:
Just use the standard libc pwent functions for that (which can be and indeed are configured via /etc/nsswitch.conf), instead of completely bypassing the standard OS functionality by manually reading certain files.
libcontainer/user is only intended for resolving usernames within a container, so unless Ubuntu Core containers (if those exist) have such a layout, then an internal runc library is not the best place to implement such a feature. If you're trying to do username parsing just use the Go stdlib os/user package (which uses pwent internally).
The libcontainer methods for reading users, etc. currently only reads from /etc/passwd and /etc/group, however on Ubuntu Core devices (also yocto sometimes) it is desirably to also read the /var/lib/extrausers/passwd and /var/lib/extrausers/group files as well (from the pam_extrausers package in Ubuntu), as the /etc/passwd and /etc/group files are read-only and so any new users are added to the extrausers files instead of the /etc/passwd and /etc/group files.
I'm not sure what the design for this would look like, but it would be nice if the API that returns a io.Reader for the User/Group files (such as
GetPasswd
andGetGroup
) just "auto-magically" included the /var/lib/extrausers files at the end of the /etc/passwd files via io.MultiReader. The *Path methods probably would have to remain the same behavior for backwards compatibility, but perhaps new methods returning a list of strings could be used to return all of the files if they exist?I would be willing to submit a PR changing GetPasswd and GetGroup to include the extrausers patch if folks think this is a reasonable thing to do.
The text was updated successfully, but these errors were encountered: