From d01cd40196eb18d859b3c416505ceb1d4ba398ac Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 13 Feb 2017 19:24:01 +0100
Subject: machined: when copying files from/to userns containers chown to root

This changes the file copy logic of machined to set the UID/GID of all
copied files to 0 if the host and container do not share the same user
namespace.

Fixes: #4078
---
 src/tmpfiles/tmpfiles.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/tmpfiles/tmpfiles.c')

diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 382853a2a5..08a138b1b2 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -1170,7 +1170,7 @@ static int create_item(Item *i) {
                         return log_error_errno(r, "Failed to substitute specifiers in copy source %s: %m", i->argument);
 
                 log_debug("Copying tree \"%s\" to \"%s\".", resolved, i->path);
-                r = copy_tree(resolved, i->path, COPY_REFLINK);
+                r = copy_tree(resolved, i->path, i->uid_set ? i->uid : UID_INVALID, i->gid_set ? i->gid : GID_INVALID, COPY_REFLINK);
 
                 if (r == -EROFS && stat(i->path, &st) == 0)
                         r = -EEXIST;
-- 
cgit v1.2.3-54-g00ecf