From 7baf904cffdc4074ba5529b095f98a8c1ed6707a Mon Sep 17 00:00:00 2001 From: Radostin Stoyanov Date: Sat, 26 Aug 2017 21:42:04 +0100 Subject: Enable UID/GID mapping for qcow2 Apply ownership mapping in qcow2 images using libguestfs python bindings. To make this solution more general we introduce function guestfs_walk() which will return the root file system tree of disk image along with UID/GID values. These changes are applied in additional qcow2 disk image using the last layer as backing file. For FileSource this is layer-1.qcow2 with backing file layer-0.qcow2. --- src/virtBootstrap/sources/docker_source.py | 12 ++++++++++++ src/virtBootstrap/sources/file_source.py | 7 +++++++ 2 files changed, 19 insertions(+) (limited to 'src/virtBootstrap/sources') diff --git a/src/virtBootstrap/sources/docker_source.py b/src/virtBootstrap/sources/docker_source.py index a6ea3e6..a2fc8b9 100644 --- a/src/virtBootstrap/sources/docker_source.py +++ b/src/virtBootstrap/sources/docker_source.py @@ -49,15 +49,22 @@ class DockerSource(object): @param uri: Address of source registry @param username: Username to access source registry @param password: Password to access source registry + @param uid_map: Mappings for UID of files in rootfs + @param gid_map: Mappings for GID of files in rootfs @param fmt: Format used to store image [dir, qcow2] @param not_secure: Do not require HTTPS and certificate verification @param no_cache: Whether to store downloaded images or not @param progress: Instance of the progress module + + Note: uid_map and gid_map have the format: + [[, , ], [, , ] ...] """ self.url = self.gen_valid_uri(kwargs['uri']) self.username = kwargs.get('username', None) self.password = kwargs.get('password', None) + self.uid_map = kwargs.get('uid_map', []) + self.gid_map = kwargs.get('gid_map', []) self.output_format = kwargs.get('fmt', utils.DEFAULT_OUTPUT_FORMAT) self.insecure = kwargs.get('not_secure', False) self.no_cache = kwargs.get('no_cache', False) @@ -280,6 +287,11 @@ class DockerSource(object): ) img.create_base_layer() img.create_backing_chains() + if self.uid_map or self.gid_map: + logger.info("Mapping UID/GID") + utils.map_id_in_image( + len(self.layers), dest, self.uid_map, self.gid_map + ) else: raise Exception("Unknown format:" + self.output_format) diff --git a/src/virtBootstrap/sources/file_source.py b/src/virtBootstrap/sources/file_source.py index 69f024c..b4b29ce 100644 --- a/src/virtBootstrap/sources/file_source.py +++ b/src/virtBootstrap/sources/file_source.py @@ -41,10 +41,14 @@ class FileSource(object): @param uri: Path to tar archive file. @param fmt: Format used to store image [dir, qcow2] + @param uid_map: Mappings for UID of files in rootfs + @param gid_map: Mappings for GID of files in rootfs @param progress: Instance of the progress module """ self.path = kwargs['uri'].path self.output_format = kwargs.get('fmt', utils.DEFAULT_OUTPUT_FORMAT) + self.uid_map = kwargs.get('uid_map', []) + self.gid_map = kwargs.get('gid_map', []) self.progress = kwargs['progress'].update_progress def unpack(self, dest): @@ -73,6 +77,9 @@ class FileSource(object): progress=self.progress ) img.create_base_layer() + if self.uid_map or self.gid_map: + logger.info("Mapping UID/GID") + utils.map_id_in_image(1, dest, self.uid_map, self.gid_map) else: raise Exception("Unknown format:" + self.output_format) -- cgit