Default process user to container config user.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-06-26 15:06:37 -07:00 · 2015-06-26 15:06:37 -07:00 · 0faa4518ed
commit 0faa4518ed
parent 389b806945
2 changed files with 25 additions and 4 deletions
--- a/daemon/exec.go
+++ b/daemon/exec.go
@ -109,7 +109,6 @@ func (d *Daemon) getActiveContainer(name string) (*Container, error) {
 }

 func (d *Daemon) ContainerExecCreate(config *runconfig.ExecConfig) (string, error) {
-
 	// Not all drivers support Exec (LXC for example)
 	if err := checkExecSupport(d.execDriver.Name()); err != nil {
 		return "", err
@ -123,11 +122,16 @@ func (d *Daemon) ContainerExecCreate(config *runconfig.ExecConfig) (string, erro
 	cmd := runconfig.NewCommand(config.Cmd...)
 	entrypoint, args := d.getEntrypointAndArgs(runconfig.NewEntrypoint(), cmd)

+	user := config.User
+	if len(user) == 0 {
+		user = container.Config.User
+	}
+
 	processConfig := execdriver.ProcessConfig{
 		Tty:        config.Tty,
 		Entrypoint: entrypoint,
 		Arguments:  args,
-		User:       config.User,
+		User:       user,
 	}

 	execConfig := &execConfig{
--- a/integration-cli/docker_cli_exec_test.go
+++ b/integration-cli/docker_cli_exec_test.go
@ -445,7 +445,6 @@ func (s *DockerSuite) TestInspectExecID(c *check.C) {
 }

 func (s *DockerSuite) TestLinksPingLinkedContainersOnRename(c *check.C) {
-
 	var out string
 	out, _ = dockerCmd(c, "run", "-d", "--name", "container1", "busybox", "top")
 	idA := strings.TrimSpace(out)
@ -610,7 +609,6 @@ func (s *DockerSuite) TestRunMutableNetworkFiles(c *check.C) {
 }

 func (s *DockerSuite) TestExecWithUser(c *check.C) {
-
 	runCmd := exec.Command(dockerBinary, "run", "-d", "--name", "parent", "busybox", "top")
 	if out, _, err := runCommandWithOutput(runCmd); err != nil {
 		c.Fatal(out, err)
@ -635,3 +633,22 @@ func (s *DockerSuite) TestExecWithUser(c *check.C) {
 	}

 }
+
+func (s *DockerSuite) TestExecWithImageUser(c *check.C) {
+	name := "testbuilduser"
+	_, err := buildImage(name,
+		`FROM busybox
+		RUN echo 'dockerio:x:1001:1001::/bin:/bin/false' >> /etc/passwd
+		USER dockerio`,
+		true)
+	if err != nil {
+		c.Fatalf("Could not build image %s: %v", name, err)
+	}
+
+	dockerCmd(c, "run", "-d", "--name", "dockerioexec", name, "top")
+
+	out, _ := dockerCmd(c, "exec", "dockerioexec", "whoami")
+	if !strings.Contains(out, "dockerio") {
+		c.Fatalf("exec with user by id expected dockerio user got %s", out)
+	}
+}