Validate uidmap better

Open tailhook opened this issue 10 years ago • 0 comments

When user have failed to setup subuid he receives the error similar to:

$ vagga run
newuidmap: write to uid_map failed: Invalid argument
ERROR:vagga::wrapper: Error executing _build: Can't mount tmpfs "/home/user/workspace/appman/.vagga/.mnt" (options: size=100m): Operation not permitted (os error 1)
Command <Command "/proc/self/exe" ("vagga_wrapper") "_build" "gevent"; environ: {"TERM"="xterm","RUST_LOG"="warn","VAGGA_USER_HOME"="/home/user",}; uid_map=[UidMap { inside_uid: 0, outside_uid: 1000, count: 1 }, UidMap { inside_uid: 165536, outside_uid: 165536, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }, UidMap { inside_uid: 100000, outside_uid: 100000, count: 65536 }]; gid_map=[GidMap { inside_gid: 0, outside_gid: 1000, count: 1 }, GidMap { inside_gid: 165536, outside_gid: 165536, count: 65536 }, GidMap { inside_gid: 100000, outside_gid: 100000, count: 65536 }]> exited with code 124

I was expected that newuidmap should describe this case well enough for user understanding, but it seems it entirely relies on OS to validate uid ranges.

Oct 09 '15 13:10 tailhook