AdditionalGids must include effective group ID

otherwise this one won't be considered for permission checks

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
(cherry picked from commit 25345f2c04)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Nicolas De Loof 2022-06-02 11:30:15 +02:00 committed by Sebastiaan van Stijn
parent 21d818be87
commit 393027d1b1
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C

View file

@ -198,6 +198,7 @@ func getUser(c *container.Container, username string) (specs.User, error) {
}
usr.UID = uint32(execUser.Uid)
usr.GID = uint32(execUser.Gid)
usr.AdditionalGids = []uint32{usr.GID}
var addGroups []int
if len(c.HostConfig.GroupAdd) > 0 {