diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-04-22 11:47:35 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-04-25 12:16:02 +0200 |
commit | 19aac838fc3b7bcaed272f19a0bec3962eef7418 (patch) | |
tree | 8f3ec2f253dc9c8acc494bc64f896447d0f9d364 | |
parent | 0e7ac7515f2fe0782f4062bb223904e2748b535d (diff) |
nspawn: add -U as shortcut for --private-users=pick
Given that user namespacing is pretty useful now, let's add a shortcut command
line switch for the logic.
-rw-r--r-- | src/nspawn/nspawn.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index c330456ff9..3e32f59f75 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -212,9 +212,10 @@ static void help(void) { " --uuid=UUID Set a specific machine UUID for the container\n" " -S --slice=SLICE Place the container in the specified slice\n" " --property=NAME=VALUE Set scope unit property\n" + " -U --private-users=pick Run within user namespace, pick UID/GID range automatically\n" " --private-users[=UIDBASE[:NUIDS]]\n" - " Run within user namespace\n" - " --private-user-chown Adjust OS tree file ownership for private user range\n" + " Run within user namespace, user configured UID/GID range\n" + " --private-user-chown Adjust OS tree file ownership for private UID/GID range\n" " --private-network Disable network in container\n" " --network-interface=INTERFACE\n" " Assign an existing network interface to the\n" @@ -425,7 +426,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 0); assert(argv); - while ((c = getopt_long(argc, argv, "+hD:u:abL:M:jS:Z:qi:xp:n", options, NULL)) >= 0) + while ((c = getopt_long(argc, argv, "+hD:u:abL:M:jS:Z:qi:xp:nU", options, NULL)) >= 0) switch (c) { @@ -860,6 +861,14 @@ static int parse_argv(int argc, char *argv[]) { arg_userns_chown = true; break; + case 'U': + arg_userns = true; + arg_userns_chown = true; + arg_uid_shift = UID_INVALID; + arg_uid_range = 0x10000U; + arg_uid_shift_pick = true; + break; + case ARG_KILL_SIGNAL: arg_kill_signal = signal_from_string_try_harder(optarg); if (arg_kill_signal < 0) { |