Skip to content

Commit

Permalink
Fixes permission issues with userns on Docker host
Browse files Browse the repository at this point in the history
Fixes #90
  • Loading branch information
lawliet89 committed Apr 20, 2017
1 parent 9426dc0 commit 47c562e
Show file tree
Hide file tree
Showing 4 changed files with 68 additions and 4 deletions.
23 changes: 23 additions & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ version = "0.1.11-dev"

[dependencies]
error-chain = "0.7.1"
lazy_static = "0.2"
libc = "0.2.18"
rustc_version = "0.1.7"
semver = "0.6.0"
toml = "0.2.1"
44 changes: 40 additions & 4 deletions src/docker.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,54 @@ use std::path::PathBuf;
use std::process::{Command, ExitStatus};
use std::{env, fs};

use semver::{Version, VersionReq};

use {Target, Toml};
use cargo::Root;
use errors::*;
use extensions::CommandExt;
use id;
use rustc;

lazy_static! {
/// Retrieve the Docker Daemon version.
///
/// # Panics
/// Panics if the version cannot be retrieved or parsed
static ref DOCKER_VERSION: Version = {
let version_string = Command::new("docker")
.arg("version")
.arg("--format={{.Server.APIVersion}}")
.run_and_get_stdout(false)
.expect("Unable to obtain Docker version");
// API versions don't have "patch" version
Version::parse(&format!("{}.0", version_string.trim()))
.expect("Cannot parse Docker engine version")
};

/// Version requirements for user namespace.
///
/// # Panics
/// Panics if the parsing fails
static ref USERNS_REQUIREMENT: VersionReq = {
VersionReq::parse(">= 1.24")
.expect("Unable to parse version requirements")
};
}

/// Add the `userns` flag, if needed
pub fn docker_command(subcommand: &str) -> Command {
let mut docker = Command::new("docker");
docker.arg(subcommand);
if USERNS_REQUIREMENT.matches(&DOCKER_VERSION) {
docker.args(&["--userns", "host"]);
}
docker
}

/// Register QEMU interpreters
pub fn register(verbose: bool) -> Result<()> {
Command::new("docker")
.arg("run")
docker_command("run")
.arg("--privileged")
.arg("--rm")
.arg("-it")
Expand Down Expand Up @@ -64,10 +101,9 @@ pub fn run(target: &Target,
.run(verbose)
.chain_err(|| "couldn't generate Cargo.lock")?;

let mut docker = Command::new("docker");
let mut docker = docker_command("run");

docker
.arg("run")
.arg("--rm")
.args(&["--user", &format!("{}:{}", id::user(), id::group())])
.args(&["-e", "CARGO_HOME=/cargo"])
Expand Down
3 changes: 3 additions & 0 deletions src/main.rs
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
#[macro_use]
extern crate error_chain;
#[macro_use]
extern crate lazy_static;
extern crate libc;
extern crate rustc_version;
extern crate semver;
extern crate toml;

mod cargo;
Expand Down

0 comments on commit 47c562e

Please sign in to comment.