On 11/23/21 9:40 AM, Karel Zak wrote:
On Tue, Nov 16, 2021 at 09:10:37PM -0500, Sean Anderson wrote:
This option is designed to handle the "garden path" user/group ID
mapping:
- The user has one big map in /etc/sub[u,g]id
- The user wants to map as many user and group IDs as they can,
especially the first 1000 users and groups.
The "auto" map is designed to handle this. We find the first map
matching the current user, and then map the whole thing to the ID range
starting at ID 0.
...
* map_ids() - Create a new uid/gid map
* @idmapper: Either newuidmap or newgidmap
@@ -571,6 +637,7 @@ static void __attribute__((__noreturn__)) usage(void)
fputs(_(" --map-group=<gid>|<name> map current group to gid (implies --user)\n"), out);
fputs(_(" -r, --map-root-user map current user to root (implies --user)\n"), out);
fputs(_(" -c, --map-current-user map current user to itself (implies --user)\n"), out);
+ fputs(_(" --map-auto map users and groups automatically (implies --user)\n"), out);
fputs(_(" --map-users=<outeruid>,<inneruid>,<count>\n"
" map count users from outeruid to inneruid (implies --user)\n"), out);
fputs(_(" --map-groups=<outergid>,<innergid>,<count>\n"
What about to support "auto" as a placeholder too:
--map-users=auto
--map-groups=auto
in this case you can select what you want to map (UID/GID)
automatically.
That sounds good.
+ case OPT_MAPAUTO:
+ unshare_flags |= CLONE_NEWUSER;
+ usermap = read_subid_range("/etc/subuid", real_euid);
+ groupmap = read_subid_range("/etc/subgid", real_egid);
+ break;
Please, add _PATH_SUBUID and _PATH_SUBGID to include/pathnames.h. We
usually do not use paths in the code.
OK. I did not know about that. Will add.
--Sean
