mirror of
https://github.com/containers/fuse-overlayfs.git
synced 2025-08-03 18:05:58 -04:00

introduce a new xattr "user.fuseoverlayfs.override_stat" that permits overriding the reported uid/gid/mode for lower layers. It enables sharing storage among different users.

Since it is not possible to use "user.*" xattrs for symlinks, provide also a privileged variant "security.fuseoverlayfs.override_stat", so the root user can create the xattr for symlinks as well.

A script "fix-mode.py" is provided for converting an existing layer/storage to the new model. It is a destructive operation as every file is converted to mode 0755, thus it is not usable anymore with native overlay, or older versions of fuse-overlayfs.

Example with Podman:

Rootless:

Modify /.config/containers/storage.conf and add under storage.options:

    additionalimagestores = ["/var/lib/shared-storage"]

Assuming an empty local storage for the user:

    $ podman images
    REPOSITORY                TAG     IMAGE ID      CREATED      SIZE    ReadOnly
    docker.io/library/fedora  latest  a368cbcfa678  5 weeks ago  189 MB  true

and the files show the original mode and owner:

    $ podman run --read-only --rm -ti docker.io/library/fedora ls -l /
    lrwxrwxrwx.   1 root   root      7 Jan 28  2020 bin -> usr/bin
    dr-xr-xr-x.   2 root   root      6 Jan 28  2020 boot
    drwxr-xr-x.   5 root   root    360 Aug 15 13:26 dev
    drwxr-xr-x.  41 root   root   4096 Jul  9 06:48 etc
    drwxr-xr-x.   2 root   root      6 Jan 28  2020 home
    lrwxrwxrwx.   1 root   root      7 Jan 28  2020 lib -> usr/lib
    lrwxrwxrwx.   1 root   root      9 Jan 28  2020 lib64 -> usr/lib64
    drwx------.   2 root   root      6 Jul  9 06:48 lost+found
    drwxr-xr-x.   2 root   root      6 Jan 28  2020 media
    drwxr-xr-x.   2 root   root      6 Jan 28  2020 mnt
    drwxr-xr-x.   2 root   root      6 Jan 28  2020 opt
    dr-xr-xr-x. 436 nobody nobody    0 Aug 15 13:26 proc
    dr-xr-x---.   2 root   root    196 Jul  9 06:48 root
    drwxrwxrwt.   3 root   root     80 Aug 15 13:26 run
    lrwxrwxrwx.   1 root   root      8 Jan 28  2020 sbin -> usr/sbin
    drwxr-xr-x.   2 root   root      6 Jan 28  2020 srv
    dr-xr-xr-x.  13 nobody nobody    0 Aug  5 21:38 sys
    drwxrwxrwt.   2 root   root     60 Aug 15 13:26 tmp
    drwxr-xr-x.  12 root   root    144 Jul  9 06:48 usr
    drwxr-xr-x.  18 root   root    235 Jul  9 06:48 var

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
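
As an added illustration (not part of the commit or of fuse-overlayfs), this sketch computes the owner and mode that would be reported for a lower-layer entry carrying the xattrs named above, and lists entries of a converted store whose override is missing or malformed. The `uid:gid:mode` value layout with an octal mode, the privileged-first lookup order, and the sample entries are assumptions made for the example.

```python
import stat

# xattr names taken from the commit message above
USER_XATTR = "user.fuseoverlayfs.override_stat"
PRIV_XATTR = "security.fuseoverlayfs.override_stat"

def parse_override(value):
    """Parse b"uid:gid:mode" (ASSUMED layout, mode in octal)."""
    fields = value.decode("ascii").split(":")
    if len(fields) != 3:
        raise ValueError("expected three ':'-separated fields")
    uid, gid, perm = int(fields[0]), int(fields[1]), int(fields[2], 8)
    if uid < 0 or gid < 0 or perm < 0 or perm & ~0o7777:
        raise ValueError("field out of range")
    return uid, gid, perm

def reported_stat(uid, gid, mode, xattrs):
    """Reported (uid, gid, mode); ASSUMES the privileged xattr is read first."""
    for name in (PRIV_XATTR, USER_XATTR):
        if name in xattrs:
            o_uid, o_gid, perm = parse_override(xattrs[name])
            # File-type bits always come from the on-disk mode.
            return o_uid, o_gid, stat.S_IFMT(mode) | perm
    return uid, gid, mode

def audit(entries):
    """List (path, finding) pairs for entries with an absent or bad override."""
    findings = []
    for path, (uid, gid, mode, xattrs) in sorted(entries.items()):
        if PRIV_XATTR not in xattrs and USER_XATTR not in xattrs:
            findings.append((path, "no override: on-disk owner/mode is reported"))
            continue
        try:
            reported_stat(uid, gid, mode, xattrs)
        except ValueError as exc:
            findings.append((path, f"malformed override: {exc}"))
    return findings

# Constructed sample of a converted layer: path -> (uid, gid, on-disk mode, xattrs).
# On a live store: os.lstat() and os.getxattr(path, name, follow_symlinks=False).
SAMPLE = {
    "bin": (0, 0, stat.S_IFLNK | 0o777, {PRIV_XATTR: b"0:0:777"}),
    "root": (0, 0, stat.S_IFDIR | 0o755, {USER_XATTR: b"0:0:550"}),
    "etc/motd": (0, 0, stat.S_IFREG | 0o755, {}),
    "etc/shadow": (0, 0, stat.S_IFREG | 0o755, {USER_XATTR: b"0:0:rw-"}),
}

if __name__ == "__main__":
    for path, finding in audit(SAMPLE):
        print(f"{path}: {finding}")
```
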