0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

daemon: remove redundant withResetAdditionalGIDs option

Browse source 
containerd's `WithUser` function now resets this property, starting with
[3eda46af12b1deedab3d0802adb2e81cb3521950][1] (v1.7.0-beta.4), so we no
longer need this function.

[1]: 3eda46af12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2023-10-25 17:15:05 +02:00
parent e36260f39a
commit 417018659b
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 0 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
daemon/exec_linux.go
View file

@ -4,7 +4,6 @@ import (
"context"
"github.com/containerd/containerd"
"github.com/containerd/containerd/containers"
"github.com/containerd/containerd/oci"
coci "github.com/containerd/containerd/oci"
"github.com/containerd/containerd/pkg/apparmor"
@ -14,13 +13,6 @@ import (
specs "github.com/opencontainers/runtime-spec/specs-go"
)
func withResetAdditionalGIDs() oci.SpecOpts {
return func(_ context.Context, _ oci.Client, _ *containers.Container, s *oci.Spec) error {
s.Process.User.AdditionalGids = nil
return nil
}
}
func getUserFromContainerd(ctx context.Context, containerdCli *containerd.Client, ec *container.ExecConfig) (specs.User, error) {
ctr, err := containerdCli.LoadContainer(ctx, ec.Container.ID)
if err != nil {
@ -39,7 +31,6 @@ func getUserFromContainerd(ctx context.Context, containerdCli *containerd.Client
opts := []oci.SpecOpts{
coci.WithUser(ec.User),
withResetAdditionalGIDs(),
coci.WithAdditionalGIDs(ec.User),
coci.WithAppendAdditionalGroups(ec.Container.HostConfig.GroupAdd...),
}