It is a valid use case to run a container with host uid and gid different than the default. This patch provides and documents a way to do so.
Signed-off-by: Glauber Costa <glom...@parallels.com> --- man/vzctl.8.in | 14 ++++++++++++++ src/vzctl-actions.c | 2 ++ src/vzctl.c | 1 + 3 files changed, 17 insertions(+) diff --git a/man/vzctl.8.in b/man/vzctl.8.in index 5efd702..07162ea 100644 --- a/man/vzctl.8.in +++ b/man/vzctl.8.in @@ -852,6 +852,8 @@ List of available fields can be obtained using \fB-L\fR option. .OP --ipadd addr .OP --hostname name .OP --name name +.OP --local_uid uid +.OP --local_gid gid .YS .IP "" 4 Creates a new container area. This operation should be done once, before @@ -903,6 +905,18 @@ a container. Note that this option can be used multiple times. You can use \fB--hostname\fR \fIname\fR option to set a host name for a container. + +When running with an upstream Linux Kernel that supports user namespaces +(>= 3.8), the parameters \fB--local_uid\fR and \fB--local_gid\fR can be used to select +which \fIuid\fR and \fIgid\fR respectively will be used as a base user in the +host system. Note that user namespaces provide a 1:1 mapping between container +users and host users. If these options are not specified, the value 100000 is +used. + +\fBWarning:\fR use \fB--local_uid\fR and \fB--local_gid\fR with care, specially +when migrating containers. In all situations, the container's files in the +filesystem needs to be correctly owned by the host-side users. + .IP "\fBdestroy\fR | \fBdelete\fR \fICTID\fR" 4 Removes a container private area by deleting all files, directories and the configuration file of this container. diff --git a/src/vzctl-actions.c b/src/vzctl-actions.c index be22265..63d93aa 100644 --- a/src/vzctl-actions.c +++ b/src/vzctl-actions.c 
@@ -391,6 +391,8 @@ static int parse_create_opt(envid_t veid, int argc, char **argv, {"ve_layout", required_argument, NULL, PARAM_VE_LAYOUT}, {"velayout", required_argument, NULL, PARAM_VE_LAYOUT}, {"diskspace", required_argument, NULL, PARAM_DISKSPACE}, + {"local_uid", required_argument, NULL, PARAM_LOCAL_UID}, + {"local_gid", required_argument, NULL, PARAM_LOCAL_GID}, { NULL, 0, NULL, 0 } }; diff --git a/src/vzctl.c b/src/vzctl.c index d9bba7d..a72ab39 100644 --- a/src/vzctl.c +++ b/src/vzctl.c @@ -65,6 +65,7 @@ static void usage(int rc) "vzctl create <ctid> [--ostemplate <name>] [--config <name>]\n" " [--layout ploop|simfs] [--hostname <name>] [--name <name>] [--ipadd <addr>]\n" " [--diskspace <kbytes>] [--private <path>] [--root <path>]\n" +" [--local_uid <UID>] [--local_gid <GID>]\n" "vzctl start <ctid> [--force] [--wait]\n" "vzctl destroy | mount | umount | stop | restart | status <ctid>\n" #ifdef HAVE_PLOOP -- 1.7.11.7 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
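Review bot: In the man/vzctl.8.in hunk at @@ -903,6 +905,18 @@, the new paragraph calls the value a "base user" and gives the default of 100000, but it does not say how many ids are mapped upward from that base, so an administrator picking a non-default --local_uid cannot tell whether the range overlaps another container's range or real host accounts. Please state the size of the mapped range, and say whether vzctl create sets ownership of the private area itself or leaves that to the administrator, since the warning only says the files must be correctly owned. Two wording fixes in the warning: "specially" should be "especially", and "the container's files in the filesystem needs" should be "need".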
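Review bot: In the src/vzctl-actions.c hunk, the two entries added to the parse_create_opt() option table use PARAM_LOCAL_UID and PARAM_LOCAL_GID, but none of the three files in this patch defines those constants or handles the parsed value, so the patch depends on an earlier change that the commit message should name. Wherever the value is handled, it should be rejected unless it is a number within the valid uid/gid range, and a base of 0 needs an explicit decision: with a 1:1 mapping starting at 0, container uid 0 would map to host uid 0, which gives up the separation the user namespace is meant to provide.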
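Review bot: In the src/vzctl.c usage() hunk, the added line writes its placeholders as <UID> and <GID>, while the surrounding usage lines use lowercase (<name>, <kbytes>, <path>) and the man page synopsis in this same patch uses lowercase uid and gid. Suggest writing the line as " [--local_uid <uid>] [--local_gid <gid>]\n" so the help text and the man page agree.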