Re: [PATCH 4/5] unshare: Add option to automatically create user and group maps

On Tue, Nov 16, 2021 at 09:10:37PM -0500, Sean Anderson wrote:
> This option is designed to handle the "garden path" user/group ID
> mapping:
> 
> - The user has one big map in /etc/sub[u,g]id
> - The user wants to map as many user and group IDs as they can,
>   especially the first 1000 users and groups.
> 
> The "auto" map is designed to handle this. We find the first map
> matching the current user, and then map the whole thing to the ID range
> starting at ID 0.

...

>   * map_ids() - Create a new uid/gid map
>   * @idmapper: Either newuidmap or newgidmap
> @@ -571,6 +637,7 @@ static void __attribute__((__noreturn__)) usage(void)
>  	fputs(_(" --map-group=<gid>|<name>  map current group to gid (implies --user)\n"), out);
>  	fputs(_(" -r, --map-root-user       map current user to root (implies --user)\n"), out);
>  	fputs(_(" -c, --map-current-user    map current user to itself (implies --user)\n"), out);
> +	fputs(_(" --map-auto                map users and groups automatically (implies --user)\n"), out);
>  	fputs(_(" --map-users=<outeruid>,<inneruid>,<count>\n"
>  		"                           map count users from outeruid to inneruid (implies --user)\n"), out);
>  	fputs(_(" --map-groups=<outergid>,<innergid>,<count>\n"
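
Review bot: the help text added for --map-auto in usage() says only "map users and groups automatically", which does not tell the reader where the ranges come from or which inner IDs they land on. Consider wording that names both, for example that the first matching range from /etc/subuid and /etc/subgid is mapped starting at ID 0, as the commit message describes. The new line also sits between --map-current-user and --map-users without saying how it combines with those options; a short note on precedence would help.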


What about supporting "auto" as a placeholder too:

  --map-users=auto
  --map-groups=auto

in this case you can select what you want to map (UID/GID)
automatically.

> +		case OPT_MAPAUTO:
> +			unshare_flags |= CLONE_NEWUSER;
> +			usermap = read_subid_range("/etc/subuid", real_euid);
> +			groupmap = read_subid_range("/etc/subgid", real_egid);
> +			break;
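
Review bot: in the OPT_MAPAUTO case the results of read_subid_range() are stored in usermap and groupmap with no check visible here. If the current user has no entry in /etc/subuid or /etc/subgid, make sure this is reported as a clear error rather than leaving a NULL or empty map to be used later; if read_subid_range() already exits on that condition, a comment saying so would help. The assignments are also unconditional, so a map set by an earlier --map-users or --map-groups on the same command line would be replaced silently; consider rejecting the combination or documenting which option wins.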

Please, add _PATH_SUBUID and _PATH_SUBGID to include/pathnames.h. We
usually do not use paths in the code.

  Karel


-- 
 Karel Zak  <kzak@xxxxxxxxxx>
 http://karelzak.blogspot.com
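
The "auto" mapping described in the quoted commit message (first matching range, mapped to start at ID 0), as an added illustration that is not code from the patch or from util-linux. The names `auto_map`, `format_map` and `SAMPLE_SUBUID` are hypothetical, the sample entries are constructed, and matching the owner field by login name or numeric UID is an assumption based on the subuid(5) file format; the patch's own read_subid_range() is not shown on this page.

```c
#include <stdio.h>
#include <string.h>

struct id_range { unsigned long outer, inner, count; };

/* Constructed sample in /etc/subuid syntax (owner:start:count). */
static const char SAMPLE_SUBUID[] =
    "alice:100000:65536\n"
    "bob:165536:65536\n"
    "1001:231072:1000\n"   /* owner given as a numeric UID */
    "bob:300000:10\n";     /* later entry for bob: not used by "first match" */

/* First entry owned by `name` or `uid`, mapped to start at inner ID 0.
 * Lines must have exactly three fields and a non-empty range that fits
 * 32-bit IDs. Returns 0 on success, -1 when no well-formed entry matches. */
static int auto_map(const char *text, const char *name, unsigned long uid, struct id_range *out)
{
    char uidstr[24];
    snprintf(uidstr, sizeof(uidstr), "%lu", uid);
    for (const char *p = text; *p; ) {
        size_t len = strcspn(p, "\n");
        char line[128], owner[64], extra;
        unsigned long start, count;
        if (len < sizeof(line)) {
            memcpy(line, p, len); line[len] = '\0';
            if (sscanf(line, "%63[^:]:%lu:%lu%c", owner, &start, &count, &extra) == 3
                && count > 0 && start <= 0xFFFFFFFFUL && count <= 0xFFFFFFFFUL - start
                && (!strcmp(owner, name) || !strcmp(owner, uidstr))) {
                *out = (struct id_range){ .outer = start, .inner = 0, .count = count };
                return 0;
            }
        }
        p += len + (p[len] == '\n');   /* step past the line and its newline */
    }
    return -1;
}

/* One line in uid_map/gid_map order: inside-ID outside-ID length. */
static int format_map(const struct id_range *r, char *buf, size_t n)
{
    return snprintf(buf, n, "%lu %lu %lu", r->inner, r->outer, r->count);
}

int main(void)
{
    struct id_range r;
    char buf[64];
    if (auto_map(SAMPLE_SUBUID, "bob", 1002, &r) != 0) return 1;
    format_map(&r, buf, sizeof(buf));
    return puts(buf) < 0;
}
```

The -1 return is the case a caller has to handle explicitly: a user with no entry gets no map at all, not an empty one.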



