README
¶
Fuidshift
Move Filesystem ownership into other subordinated uid ranges
Motivation
When using unprivileged lxc/systemd-nspawn
containers the container process is shifted into subuids ranges.
This requires however that container filesystem use the same range. Most
distribution installer/bootstrap tools does provide options to achieve this.
fuidshift allow to migrate the os filesystem tree later on. fuidshift is part
of lxd. This repo however removed all unneeded dependencies,
which comes with lxd, so it can be build and installed with a single go get.
Installation
- Install the go compiler
- Get fuidshift:
$ go get github.com/Mic92/fuidshift
Usage
This shift uid/guid range use:
$ fuidshift path/to/rootfs/ b:0:100000:65536
and reverse it with:
$ fuidshift -r path/to/rootfs/ b:0:100000:65536
Documentation
¶
Index ¶
- type IdmapEntry
- type IdmapSet
- func (m IdmapSet) Append(s string) (IdmapSet, error)
- func (m IdmapSet) Intersects(i IdmapEntry) bool
- func (m IdmapSet) Len() int
- func (m IdmapSet) ShiftFromNs(uid int, gid int) (int, int)
- func (m IdmapSet) ShiftIntoNs(uid int, gid int) (int, int)
- func (set *IdmapSet) UidshiftFromContainer(dir string, testmode bool) error
- func (set *IdmapSet) UidshiftIntoContainer(dir string, testmode bool) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IdmapEntry ¶
type IdmapEntry struct {
Isuid bool
Isgid bool
Hostid int // id as seen on the host - i.e. 100000
Nsid int // id as seen in the ns - i.e. 0
Maprange int
}
* One entry in id mapping set - a single range of either * uid or gid mappings.
func Extend ¶
func Extend(slice []IdmapEntry, element IdmapEntry) []IdmapEntry
taken from http://blog.golang.org/slices (which is under BSD licence)
func (*IdmapEntry) Intersects ¶
func (e *IdmapEntry) Intersects(i IdmapEntry) bool
type IdmapSet ¶
type IdmapSet struct {
Idmap []IdmapEntry
}
func (IdmapSet) Intersects ¶
func (m IdmapSet) Intersects(i IdmapEntry) bool
Source Files
Directories