From: Debarshi Ray <dray@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@redhat.com>
Cc: "Fam Zheng" <fam@euphon.net>,
berrange@redhat.com, "Alex Bennée" <alex.bennee@linaro.org>,
qemu-devel@nongnu.org, "Gerd Hoffmann" <kraxel@redhat.com>,
"Debarshi Ray" <rishi@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v2 2/5] tests/docker: add podman support
Date: Wed, 17 Jul 2019 17:17:54 +0200 [thread overview]
Message-ID: <CADVaYxbhJX2Fp-nNYqLN4fY+A7pAW5wTTfkg3iNgM9p5BJASNA@mail.gmail.com> (raw)
In-Reply-To: <20190709194330.837-3-marcandre.lureau@redhat.com>
Hey,
Sorry for the late response. I was on vacation and away from my keyboard.
On Tue, Jul 9, 2019 at 9:44 PM Marc-André Lureau
<marcandre.lureau@redhat.com> wrote:
> With current podman, we have to use a uidmap trick in order to be able
> to rw-share the ccache directory with the container user.
>
> With a user 1000, the default mapping is:
> 1000 (host) -> 0 (container).
>
> So write access to /var/tmp/ccache ends will end with permission
> denied error.
>
> With "--uidmap 1000:0:1 --uidmap 0:1:1000", the mapping is:
> 1000 (host) -> 0 (container, 1st namespace) -> 1000 (container, 2nd namespace).
>
> (the rest is mumbo jumbo to avoid holes in the range of UIDs)
>
> A future podman version may have an option such as --userns-keep-uid.
The future is here! :)
Since Podman 1.4.0, released on 7th June 2019, you can use
--userns=keep-id instead of typing out the entire UID mapping. The
relevant Podman pull request is:
https://github.com/containers/libpod/pull/3196
Cheers,
Rishi
next prev parent reply other threads:[~2019-07-17 21:54 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-09 19:43 [Qemu-devel] [PATCH v2 0/5] tests/docker: add podman support Marc-André Lureau
2019-07-09 19:43 ` [Qemu-devel] [PATCH v2 1/5] docker.py: " Marc-André Lureau
2019-07-11 15:52 ` Alex Bennée
2019-07-09 19:43 ` [Qemu-devel] [PATCH v2 2/5] tests/docker: " Marc-André Lureau
2019-07-10 8:27 ` Paolo Bonzini
2019-07-10 8:39 ` Marc-André Lureau
2019-07-10 9:44 ` Paolo Bonzini
2019-07-11 15:55 ` Alex Bennée
2019-07-17 15:44 ` Debarshi Ray
2019-07-17 15:17 ` Debarshi Ray [this message]
2019-07-09 19:43 ` [Qemu-devel] [PATCH v2 3/5] tests: specify the address family when checking bind Marc-André Lureau
2019-07-10 10:12 ` Philippe Mathieu-Daudé
2019-07-09 19:43 ` [Qemu-devel] [PATCH v2 4/5] test-char: skip tcp tests if ipv4 check failed Marc-André Lureau
2019-07-09 19:43 ` [Qemu-devel] [PATCH v2 5/5] test: skip tests if socket_check_protocol_support() failed Marc-André Lureau
2019-07-09 23:39 ` [Qemu-devel] [PATCH v2 0/5] tests/docker: add podman support no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CADVaYxbhJX2Fp-nNYqLN4fY+A7pAW5wTTfkg3iNgM9p5BJASNA@mail.gmail.com \
--to=dray@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=berrange@redhat.com \
--cc=fam@euphon.net \
--cc=kraxel@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rishi@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.