From beeefb214a2dc8917b5a31945e740ecce4536764 Mon Sep 17 00:00:00 2001
From: Stefano Brivio
Date: Wed, 28 Jun 2023 17:45:36 +0200
Subject: cooker, seitan: Add support for GID/UID in context
Similarly to namespace specifications, the special value "caller", as well as login/group names and numeric UID/GIDs are supported. Example of usage in demo/mknod.hjson. Light on checks and with some TODOs left behind at the moment.
Signed-off-by: Stefano Brivio
---
 cooker/call.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)
(limited to 'cooker/call.c')
diff --git a/cooker/call.c b/cooker/call.c
index c3f290c..6dbfd29 100644
--- a/cooker/call.c
+++ b/cooker/call.c
@@ -458,14 +458,25 @@ static void parse_context(struct context_desc *cdesc, JSON_Object *obj)
 if (!strcmp(str, "caller")) {
 cdesc[n].spec = CONTEXT_SPEC_CALLER;
 } else {
- cdesc[n].spec = CONTEXT_SPEC_PATH;
- strncpy(cdesc[n].target.path, str, PATH_MAX);
+ cdesc[n].spec = CONTEXT_SPEC_NAME;
+ if (type == UID || type == GID) {
+ strncpy(cdesc[n].target.name, str,
+ LOGIN_NAME_MAX);
+ } else {
+ strncpy(cdesc[n].target.path, str,
+ PATH_MAX);
+ }
 }
 } else if ((num = json_object_get_number(obj, name))) {
 debug(" '%s' context: %lli", name, num);
- cdesc[n].spec = CONTEXT_SPEC_PID;
- cdesc[n].target.pid = num;
+ cdesc[n].spec = CONTEXT_SPEC_NUM;
+ if (type == UID)
+ cdesc[n].target.uid = num;
+ else if (type == GID)
+ cdesc[n].target.gid = num;
+ else
+ cdesc[n].target.pid = num;
 } else {
 die("invalid context specification");
 }
--
cgit v1.2.3
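Review bot: The numeric branch stores `num` into `target.uid` / `target.gid` with no range check, so a value that does not fit the field (declared outside this hunk, presumably `uid_t`/`gid_t`) is silently narrowed and the context can end up with a different ID than the one written in the input, including 0. A guard ahead of the assignments, for example `if ((type == UID || type == GID) && (num < 0 || num >= (uid_t)-1)) die("invalid UID/GID in context");`, rejects those values together with the reserved `(uid_t)-1`. In the string branch, `strncpy(cdesc[n].target.name, str, LOGIN_NAME_MAX)` may leave the name unterminated, or silently truncated so that it resolves to another account, when `str` is that long or longer; checking `strlen(str) >= LOGIN_NAME_MAX` and calling `die()` before the copy avoids both, and the same applies to the `PATH_MAX` copy. The unchanged condition `(num = json_object_get_number(obj, name))` is also false for a numeric 0, so a numeric UID or GID of 0 appears to fall through to `die("invalid context specification")`; if that is intended, a comment saying so would help. parse_context() begins and ends outside this hunk, so the declarations of `num`, `type` and the `target` union are not visible here.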