From 417018659b911b0d844ed2deb4fad1e261ea6f2a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 25 Oct 2023 17:15:05 +0200 Subject: [PATCH] daemon: remove redundant withResetAdditionalGIDs option containerd's `WithUser` function now resets this property, starting with [3eda46af12b1deedab3d0802adb2e81cb3521950][1] (v1.7.0-beta.4), so we no longer need this function. [1]: https://github.com/containerd/containerd/commit/3eda46af12b1deedab3d0802adb2e81cb3521950 Signed-off-by: Sebastiaan van Stijn --- daemon/exec_linux.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/daemon/exec_linux.go b/daemon/exec_linux.go index 488ab4853f..95440dd05a 100644 --- a/daemon/exec_linux.go +++ b/daemon/exec_linux.go @@ -4,7 +4,6 @@ import ( "context" "github.com/containerd/containerd" - "github.com/containerd/containerd/containers" "github.com/containerd/containerd/oci" coci "github.com/containerd/containerd/oci" "github.com/containerd/containerd/pkg/apparmor" @@ -14,13 +13,6 @@ import ( specs "github.com/opencontainers/runtime-spec/specs-go" ) -func withResetAdditionalGIDs() oci.SpecOpts { - return func(_ context.Context, _ oci.Client, _ *containers.Container, s *oci.Spec) error { - s.Process.User.AdditionalGids = nil - return nil - } -} - func getUserFromContainerd(ctx context.Context, containerdCli *containerd.Client, ec *container.ExecConfig) (specs.User, error) { ctr, err := containerdCli.LoadContainer(ctx, ec.Container.ID) if err != nil { @@ -39,7 +31,6 @@ func getUserFromContainerd(ctx context.Context, containerdCli *containerd.Client opts := []oci.SpecOpts{ coci.WithUser(ec.User), - withResetAdditionalGIDs(), coci.WithAdditionalGIDs(ec.User), coci.WithAppendAdditionalGroups(ec.Container.HostConfig.GroupAdd...), }