From f77d45e3ba7e1851e328a3003c5fc91d0ac20e9f Mon Sep 17 00:00:00 2001 From: Ye Sijun Date: Fri, 8 Jul 2022 18:32:35 +0800 Subject: [PATCH] ctr: support --user for run/create Signed-off-by: Ye Sijun --- cmd/ctr/commands/commands.go | 4 ++++ cmd/ctr/commands/run/run_unix.go | 3 +++ cmd/ctr/commands/run/run_windows.go | 6 +----- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/cmd/ctr/commands/commands.go b/cmd/ctr/commands/commands.go index faa9fcd51..37ed75685 100644 --- a/cmd/ctr/commands/commands.go +++ b/cmd/ctr/commands/commands.go @@ -205,6 +205,10 @@ var ( Name: "hostname", Usage: "set the container's host name", }, + cli.StringFlag{ + Name: "user,u", + Usage: "username or user id, group optional (format: [:])", + }, } ) diff --git a/cmd/ctr/commands/run/run_unix.go b/cmd/ctr/commands/run/run_unix.go index 12b467b7c..0ac5fe409 100644 --- a/cmd/ctr/commands/run/run_unix.go +++ b/cmd/ctr/commands/run/run_unix.go @@ -196,6 +196,9 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli if cwd := context.String("cwd"); cwd != "" { opts = append(opts, oci.WithProcessCwd(cwd)) } + if user := context.String("user"); user != "" { + opts = append(opts, oci.WithUser(user), oci.WithAdditionalGIDs(user)) + } if context.Bool("tty") { opts = append(opts, oci.WithTTY) } diff --git a/cmd/ctr/commands/run/run_windows.go b/cmd/ctr/commands/run/run_windows.go index f0ae22b96..d774d0c6e 100644 --- a/cmd/ctr/commands/run/run_windows.go +++ b/cmd/ctr/commands/run/run_windows.go @@ -38,10 +38,6 @@ var platformRunFlags = []cli.Flag{ Name: "isolated", Usage: "run the container with vm isolation", }, - cli.StringFlag{ - Name: "user", - Usage: "run the container as the specified user", - }, } // NewContainer creates a new container @@ -114,7 +110,7 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli opts = append(opts, oci.WithProcessCwd(cwd)) } if user := context.String("user"); user != "" { - opts = append(opts, oci.WithUsername(user)) + opts = append(opts, oci.WithUser(user)) } if context.Bool("tty") { opts = append(opts, oci.WithTTY)