From patchwork Fri Jul 5 08:40:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Alex_Benn=C3=A9e?= X-Patchwork-Id: 810371 Delivered-To: patch@linaro.org Received: by 2002:adf:a199:0:b0:367:895a:4699 with SMTP id u25csp1508386wru; Fri, 5 Jul 2024 01:44:55 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVLejhUwyY7fWsvCirSJCisaAlAsI6DB/np4nHdVgktWn9rZ/5a8F3SSKsJQvVyjOKNWJDdn1o7DJNCUcn5QFD6 X-Google-Smtp-Source: AGHT+IFvZCLseflzAFBoQ+PJiO3eJIcaEJHDKCauP/TOCiwFugG2qLs24sQwWhEdAYlM+Wm8CbDR X-Received: by 2002:adf:fa89:0:b0:367:8ab0:14b7 with SMTP id ffacd0b85a97d-3679dd7c34cmr2593699f8f.68.1720169095161; Fri, 05 Jul 2024 01:44:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720169095; cv=none; d=google.com; s=arc-20160816; b=HYRzgzlHduqo29Bw/45MYiyo5rtzLX1vjRN57Ab6ccHr+nJeNaF8WPqdyuwZ6zVP2T IkzZzhn+B8KvZbU1SzcM6FFmYaQueGV+pUlghnF4tV0ZM3Ta06HSTESWfpBjNoRq9hKX UDr1fX/FPtyivNSDJjvlkkAHsWPmRs1v4m9IxSrgLx+mxUq2oIt3L19MUk9M5TksNWN5 e+cW55I3rv+GM+1wz0HAMmH6l9g0pHa06Zz/Dd3sC6Pyt4FvlV1YEuBamOlXKhxG8AWD /bDWMHA+m7iaPZBF4wqA4CoHmiDX3BWB6iOFEhci07z/TItkFF7IAN9AeV+LsHufS9Us 85Pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=k9Mm2xBLn8Ufe39/+67RjiS06msB6AjL659puseOu/8=; fh=jJAo5/p0ZYR4zINrfgZ/Zs9vrNoEEOPakMg37pTjRb0=; b=c0uF1ZOuAYmBoM9GM8Bc1e+gpeX8s1/XjXSfu5uj8ISxRaaVeRFvUCb0pIJMgWqoO3 /6P0bN2toyqUo/srqlFHsEPd2drptcs9kFYRGmU7TSGq1T6e7GMdVEDXOb4/MvFPMbDE PphrOkHzBvp0Lqd9CSjd3px8qiuI4BJ+p112D5J/1LNfB/Sa2Sdu0yNZXWC3MLXM2Rz4 NoB+kCNYsRN4z6bzz38UYOtyY39Q8SC2B2zzHkt5eEmVu8fPCcjbOZeiDZXw22HDuzaB cejxKETQEExtksCH+Y6yKlpfPNX2+v/F57uz8QdPwARxxf67u9g2RMtgbtYbMsHKVhyB MhWA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=z5s69qjX; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id ffacd0b85a97d-3675a0f9c2bsi9277836f8f.635.2024.07.05.01.44.55 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 05 Jul 2024 01:44:55 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=z5s69qjX; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sPeVT-0000RB-Aj; Fri, 05 Jul 2024 04:41:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sPeV3-0008VH-MU for qemu-devel@nongnu.org; Fri, 05 Jul 2024 04:41:01 -0400 Received: from mail-ed1-x529.google.com ([2a00:1450:4864:20::529]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sPeUx-0003BL-A7 for qemu-devel@nongnu.org; Fri, 05 Jul 2024 04:41:01 -0400 Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-58bac81f419so1968361a12.0 for ; Fri, 05 Jul 2024 01:40:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1720168853; x=1720773653; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=k9Mm2xBLn8Ufe39/+67RjiS06msB6AjL659puseOu/8=; b=z5s69qjXTsB5rWhOXDAiFMA5iNNm8R4hU9jBH7GNN9S4rfJ6JDrcu0SZfjMdMO/6/+ 52Bubn/a0KYskr4EgaPA3C0yFuYjjG9kFDWLHg6Jo9wgbLh1ecfmMYg86CTteWFUDeuC +mQNwP0S3aNDXMUU0g3uEFRrXDwOirayjOyYHPkEbYbarloqKlgbWiwjFmov9XS3VYBK TMBWDt+HtXEor/UvuDMxVMC3m8b7uqbO+TbaGe+joUIcH+z5KjZZQ7Dp2yhUCR8CiaaL g0Gdj9F5MjOD9x+zgWywOoTOIWLlBO278NM1cw56Rv0hsaaHHBq7EotdpuNU15B7Y/A1 3jmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720168853; x=1720773653; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=k9Mm2xBLn8Ufe39/+67RjiS06msB6AjL659puseOu/8=; b=ZZLMHtk+HXFcRJ/Hvu4L2o4KcNnqOCxK9doQ9ay8wAQrWP2XYujQZHNQ/qNiaMK+yT Jpeo6AE3FeLBsseBQS001+KAeXkOixDXB/1OTdYOA+gX0aYV4yf2T6dXYwmRq4y/gnI8 nnSlLlbDPwV9MCyRSGXO6qDGvGp2WYH+4UQOYz6/dOCLUA0MbmDm4WEF+0AXLWeEuOgk HDu1X1CLYb2osCA/WaFPTwUT8CbVW13eULVnoKEQyPSxStPLSLB3dZ1RYTAZF5J3f2TW 7ClxA3hdj9wuCCCljtB3OCZuoDu5km9n3AIURb9lz6NloqhqeY+POTKhpn6Cbg3PhqQm EN2A== X-Gm-Message-State: AOJu0YzafUeij0xnqMvfqFzq9i7o33YE4RJ8OSts2ZpaRYCuKQTd4eIt LmYXi/KtMJXvPaMrfM4TtfGqZHp89WxP/NqAQV23Kiwc2pgqNvxR0SWLwijV5lU= X-Received: by 2002:a17:906:b894:b0:a6f:b9d3:343a with SMTP id a640c23a62f3a-a77ba72c652mr252802166b.71.1720168852406; Fri, 05 Jul 2024 01:40:52 -0700 (PDT) Received: from draig.lan ([85.9.250.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a75390ca05fsm349797666b.92.2024.07.05.01.40.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Jul 2024 01:40:50 -0700 (PDT) Received: from draig.lan (localhost [IPv6:::1]) by draig.lan (Postfix) with ESMTP id 293065F935; Fri, 5 Jul 2024 09:40:48 +0100 (BST) From: =?utf-8?q?Alex_Benn=C3=A9e?= To: qemu-devel@nongnu.org Cc: Wainer dos Santos Moschetta , Beraldo Leal , David Hildenbrand , Paolo Bonzini , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Pierrick Bouvier , Alexandre Iooss , Thomas Huth , Mahmoud Mandour , Peter Maydell , qemu-arm@nongnu.org, Aleksandar Rikalo , Mads Ynddal , Yanan Wang , Eduardo Habkost , Peter Xu , Richard Henderson , Marcel Apfelbaum , Paul Burton , Stefan Hajnoczi , =?utf-8?q?Alex_Benn=C3=A9e?= , Laurent Vivier , Akihiko Odaki Subject: [PATCH v2 05/40] tests/docker: Specify --userns keep-id for Podman Date: Fri, 5 Jul 2024 09:40:12 +0100 Message-Id: <20240705084047.857176-6-alex.bennee@linaro.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240705084047.857176-1-alex.bennee@linaro.org> References: <20240705084047.857176-1-alex.bennee@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::529; envelope-from=alex.bennee@linaro.org; helo=mail-ed1-x529.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Akihiko Odaki Previously we are always specifying -u $(UID) to match the UID in the container with one outside. This causes a problem with rootless Podman. Rootless Podman remaps user IDs in the container to ones controllable for the current user outside. The -u option instructs Podman to use a specified UID in the container but does not affect the UID remapping. Therefore, the UID in the container can be remapped to some other UID outside the container. This can make the access to bind-mounted volumes fail because the remapped UID mismatches with the owner of the directories. Replace -u $(UID) with --userns keep-id, which fixes the UID remapping. This change is limited to Podman because Docker does not support --userns keep-id. Signed-off-by: Akihiko Odaki Message-Id: <20240626-podman-v1-1-f8c8daf2bb0a@daynix.com> Signed-off-by: Alex Bennée --- tests/docker/Makefile.include | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index 8df50a0ca0..708e3a72fb 100644 --- a/tests/docker/Makefile.include +++ b/tests/docker/Makefile.include @@ -207,7 +207,12 @@ docker-run: docker-qemu-src $(call quiet-command, \ $(RUNC) run \ --rm \ - $(if $(NOUSER),,-u $(UID)) \ + $(if $(NOUSER),, \ + $(if $(filter docker,$(RUNC)), \ + -u $(UID), \ + --userns keep-id \ + ) \ + ) \ --security-opt seccomp=unconfined \ $(if $(DEBUG),-ti,) \ $(if $(NETWORK),$(if $(subst $(NETWORK),,1),--net=$(NETWORK)),--net=none) \