-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cmdmod: fix runas and group in run_chroot #53992
Conversation
Hey, thanks for the PR! Do we have any existing chroot tests? This seems like something we'd want to protect against regressions. |
There is not unit test for run_chroot, but I will do one for this case. |
@aplanas you just need to write test for your changes. But if your willing to go up and beyond that would be greatly appreciated. |
ping @cmcmarrow |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
@aplanas Looks like it's out of date, so perhaps a rebase would be good |
d900035
to
0a007e2
Compare
@waynew rebased! |
0a007e2
to
efcbf88
Compare
Rebased into master |
efcbf88
to
4d562d7
Compare
239caf2
to
2c7b654
Compare
@aplanas could you please resolve merge conflicts? |
On it |
f848d97
to
91d3a2a
Compare
219dcce
to
56ee80e
Compare
The parameters runas and group for cmdmod.run() will change the efective user and group before executing the command. But in a chroot environment is expected that the change happends inside the chroot, not outside, as the user and groups are refering to objects that can only exist inside the environment. This patch add the userspec parameter to the chroot command, to change the user in the correct place.
The parameters runas and group for cmdmod.run() will change the efective
user and group before executing the command. But in a chroot environment is
expected that the change happends inside the chroot, not outside, as the
user and groups are refering to objects that can only exist inside the
environment.
This patch add the userspec parameter to the chroot command, to change
the user in the correct place.