From 7baf904cffdc4074ba5529b095f98a8c1ed6707a Mon Sep 17 00:00:00 2001
From: Radostin Stoyanov <rstoyanov1@gmail.com>
Date: Sat, 26 Aug 2017 21:42:04 +0100
Subject: Enable UID/GID mapping for qcow2

Apply ownership mapping in qcow2 images using libguestfs python
bindings. To make this solution more general we introduce function
guestfs_walk() which will return the root file system tree of disk
image along with UID/GID values.

These changes are applied in additional qcow2 disk image using the
last layer as backing file. For FileSource this is layer-1.qcow2
with backing file layer-0.qcow2.
---
 src/virtBootstrap/sources/docker_source.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src/virtBootstrap/sources/docker_source.py')

diff --git a/src/virtBootstrap/sources/docker_source.py b/src/virtBootstrap/sources/docker_source.py
index a6ea3e6..a2fc8b9 100644
--- a/src/virtBootstrap/sources/docker_source.py
+++ b/src/virtBootstrap/sources/docker_source.py
@@ -49,15 +49,22 @@ class DockerSource(object):
         @param uri: Address of source registry
         @param username: Username to access source registry
         @param password: Password to access source registry
+        @param uid_map: Mappings for UID of files in rootfs
+        @param gid_map: Mappings for GID of files in rootfs
         @param fmt: Format used to store image [dir, qcow2]
         @param not_secure: Do not require HTTPS and certificate verification
         @param no_cache: Whether to store downloaded images or not
         @param progress: Instance of the progress module
+
+        Note: uid_map and gid_map have the format:
+            [[<start>, <target>, <count>], [<start>, <target>, <count>] ...]
         """
 
         self.url = self.gen_valid_uri(kwargs['uri'])
         self.username = kwargs.get('username', None)
         self.password = kwargs.get('password', None)
+        self.uid_map = kwargs.get('uid_map', [])
+        self.gid_map = kwargs.get('gid_map', [])
         self.output_format = kwargs.get('fmt', utils.DEFAULT_OUTPUT_FORMAT)
         self.insecure = kwargs.get('not_secure', False)
         self.no_cache = kwargs.get('no_cache', False)
@@ -280,6 +287,11 @@ class DockerSource(object):
                 )
                 img.create_base_layer()
                 img.create_backing_chains()
+                if self.uid_map or self.gid_map:
+                    logger.info("Mapping UID/GID")
+                    utils.map_id_in_image(
+                        len(self.layers), dest, self.uid_map, self.gid_map
+                    )
 
             else:
                 raise Exception("Unknown format:" + self.output_format)
-- 
cgit