apply: use naive applier when running in UserNS

`OverlayConvertWhiteout` calls `mknod c 0 0` which is not allowed when running in a user namespace, even in Ubuntu kernel. Although there is an alternative hacky way to create whiteouts without calling mknod as Moby `overlay2` actually does(see #3762), let's use naive applier when running in UserNS and call it a day. Close #3762 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-10-19 19:45:09 +09:00 · 2019-10-19 19:45:09 +09:00 · c224edc5c6
commit c224edc5c6
parent 4523ab734a
1 changed files with 6 additions and 0 deletions
--- a/diff/apply/apply_linux.go
+++ b/diff/apply/apply_linux.go
@ -26,12 +26,18 @@ import (
 	"github.com/containerd/containerd/archive"
 	"github.com/containerd/containerd/errdefs"
 	"github.com/containerd/containerd/mount"
+	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/pkg/errors"
 )

 func apply(ctx context.Context, mounts []mount.Mount, r io.Reader) error {
 	switch {
 	case len(mounts) == 1 && mounts[0].Type == "overlay":
+		// OverlayConvertWhiteout (mknod c 0 0) doesn't work in userns.
+		// https://github.com/containerd/containerd/issues/3762
+		if system.RunningInUserNS() {
+			break
+		}
 		path, parents, err := getOverlayPath(mounts[0].Options)
 		if err != nil {
 			if errdefs.IsInvalidArgument(err) {