From c224edc5c6350026a7d35a09dce638b0f09e6d44 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Sat, 19 Oct 2019 19:45:09 +0900
Subject: [PATCH] apply: use naive applier when running in UserNS

`OverlayConvertWhiteout` calls `mknod c 0 0` which is not allowed when
running in a user namespace, even in Ubuntu kernel.

Although there is an alternative hacky way to create whiteouts without
calling mknod as Moby `overlay2` actually does(see #3762), let's use
naive applier when running in UserNS and call it a day.

Close #3762

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 diff/apply/apply_linux.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/diff/apply/apply_linux.go b/diff/apply/apply_linux.go
index c36b6090c..bbe9c17d9 100644
--- a/diff/apply/apply_linux.go
+++ b/diff/apply/apply_linux.go
@@ -26,12 +26,18 @@ import (
 	"github.com/containerd/containerd/archive"
 	"github.com/containerd/containerd/errdefs"
 	"github.com/containerd/containerd/mount"
+	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/pkg/errors"
 )
 
 func apply(ctx context.Context, mounts []mount.Mount, r io.Reader) error {
 	switch {
 	case len(mounts) == 1 && mounts[0].Type == "overlay":
+		// OverlayConvertWhiteout (mknod c 0 0) doesn't work in userns.
+		// https://github.com/containerd/containerd/issues/3762
+		if system.RunningInUserNS() {
+			break
+		}
 		path, parents, err := getOverlayPath(mounts[0].Options)
 		if err != nil {
 			if errdefs.IsInvalidArgument(err) {