-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UIDs and GID are handled in base 8 (incorrectly) #19800
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
Comments
I think the following patch solves the issue: diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go
index f7a51f5a3..a8747f849 100644
--- a/libpod/container_internal_common.go
+++ b/libpod/container_internal_common.go
@@ -821,12 +821,12 @@ func lookupHostUser(name string) (*runcuser.ExecUser, error) {
if err != nil {
return &execUser, err
}
- uid, err := strconv.ParseUint(u.Uid, 8, 32)
+ uid, err := strconv.ParseUint(u.Uid, 10, 32)
if err != nil {
return &execUser, err
}
- gid, err := strconv.ParseUint(u.Gid, 8, 32)
+ gid, err := strconv.ParseUint(u.Gid, 10, 32)
if err != nil {
return &execUser, err
} I'll play with it and open a PR |
giuseppe
added a commit
to giuseppe/libpod
that referenced
this issue
Aug 31, 2023
fix the parsing of --hostuser to treat the input in base 10. Closes: containers#19800 Signed-off-by: Giuseppe Scrivano <[email protected]>
PR here: #19816 |
giuseppe
added a commit
to giuseppe/libpod
that referenced
this issue
Aug 31, 2023
fix the parsing of --hostuser to treat the input in base 10. Closes: containers#19800 Signed-off-by: Giuseppe Scrivano <[email protected]>
github-actions
bot
added
the
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
label
Dec 1, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
Issue Description
When using
--hostuser=testuser
with atestuser
account that has a UID above 7, podman either: a) translates the UID wrong or b) fails to parse the UID, because it attempts to parse the UID in octal.That's incorrect on at least the linux systems that I'm using: There, /etc/passwd ID entries are all in decimal.
Steps to reproduce the issue
To reproduce the "does not start" aspect of the issue:
testuser
with UID 987).podman run --rm -u testuser --passwd --hostuser=testuser ubuntu:latest grep testuser /etc/passwd
Error: strconv.ParseUint: parsing "987": invalid syntax
To reproduce the "starts but is completely incorrect" aspect:
podman run --rm -u $(whoami) --passwd --hostuser=$(whoami) ubuntu:latest grep $(whoami) /etc/passwd
- prints UIDs & GIDs1000
, which is correct (I guess that they are written in base-8 also?)podman run --rm -u $(whoami) --passwd --hostuser=$(whoami) ubuntu:latest id
uid=512 gid=512 groups=512
Describe the results you received
(see the repro steps for an explanation of the results)
Describe the results you expected
I would expect all host UIDs and GIDs to work, regardless of whether they are valid in octal, and that the concrete UID and GID in the container is the same as on the host (so, a UID of 1000 in the host should be 1000 in the container).
podman info output
Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
No
Additional environment details
I'm running in nixos, but believe this applies to all systems.
Additional information
This issue only happens with
--hostuser
for me so far, but it's consistent there. I do have to use--hostuser
because the user I need to translate over comes with dynamic-enough UID/GIDs that it must be referred to by name /:The text was updated successfully, but these errors were encountered: