Skip to content

Commit

Permalink
Support umask
Browse files Browse the repository at this point in the history
Signed-off-by: Furisto <[email protected]>
  • Loading branch information
Furisto committed Jan 24, 2022
1 parent 1b810d4 commit 8310534
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions crates/libcontainer/src/process/container_init_process.rs
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ use crate::{
use anyhow::{bail, Context, Result};
use nix::mount::MsFlags;
use nix::sched::CloneFlags;
use nix::sys::stat::Mode;
use nix::{
fcntl,
unistd::{self, Gid, Uid},
Expand Down Expand Up @@ -294,6 +295,14 @@ pub fn container_init_process(
)?
}

if let Some(umask) = proc.user().umask() {
if let Some(mode) = Mode::from_bits(umask) {
nix::sys::stat::umask(mode);
} else {
bail!("invalid umask {}", umask);
}
}

if let Some(paths) = linux.readonly_paths() {
// mount readonly path
for path in paths {
Expand Down

0 comments on commit 8310534

Please sign in to comment.