`/etc/passwd` generation support
trungnt2910 opened this issue · comments
Trung Nguyen commented
Add support for HyClone generating `/etc/passwd` and `/etc/groups`.

HyClone should:
- Read the host's user accounts. These accounts should be mapped to HyClone UIDs starting from 2000, except for that of the user who started `hyclone_server`. User ids smaller than 1000 will have the `host-` prefixed.
- The user who started `hyclone_server` will be mapped as HyClone UID 0 (the root).
- For other existing users listed in HyClone's `/etc/passwd`:
  - UIDs starting from 2000 but not listed in the host's user accounts are understood as dangling accounts and should be removed.
  - Other users not listed in the host's user accounts will be mapped to the user who started `hyclone_server`. In HyClone they should keep their respective ids.

A similar strategy should be applied to group ids.

Also, `hyclone_server` should allow querying home directories according to the settings in `/etc/passwd`, to resolve this comment by @X547.

This should allow an actual `_kern_setgroups` and other similar syscalls in `monika`. Rather than failing with `EPERM` 99% of the time and just pretending that it never happened, these syscalls can succeed for HyClone emulated UID/GIDs and fail when the `hyclone_server` launching user is not the host's root and the binary attempts to request host UID/GIDs.
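
A sketch of the UID mapping rules listed in this issue, added here as an illustration; it is not HyClone's own code. The `Account` and `Mapped` types, the function names, consecutive UID assignment in host order, and reuse of the launcher's host name for UID 0 are all assumptions, and the sample accounts are constructed.

```cpp
#include <string>
#include <vector>

struct Account { std::string name; int uid; };
// One generated row: HyClone-side name and UID, plus the host UID backing it.
struct Mapped { std::string name; int hycloneUid; int hostUid; };

constexpr int kMirrorBase = 2000;    // first HyClone UID given to a host account
constexpr int kHostSystemMax = 1000; // host UIDs below this get the "host-" prefix

// host: accounts read from the host; existing: entries already in HyClone's
// /etc/passwd; launcherUid: host UID of the user who started hyclone_server.
std::vector<Mapped> BuildPasswdMap(const std::vector<Account>& host,
                                   const std::vector<Account>& existing,
                                   int launcherUid) {
    std::vector<Mapped> out;
    int next = kMirrorBase;
    for (const Account& h : host) {
        if (h.uid == launcherUid) {
            // The launching user becomes HyClone UID 0 (root).
            out.insert(out.begin(), Mapped{h.name, 0, h.uid});
            continue;
        }
        // Assumption: mirrored accounts get consecutive UIDs in host order.
        std::string name = h.uid < kHostSystemMax ? "host-" + h.name : h.name;
        out.push_back(Mapped{name, next++, h.uid});
    }
    for (const Account& e : existing) {
        // UID 0 is already the launcher. Entries at 2000+ were either
        // regenerated above or are dangling, so neither is carried over.
        if (e.uid == 0 || e.uid >= kMirrorBase) continue;
        // HyClone-only account: keeps its ID, acts as the launcher on the host.
        out.push_back(Mapped{e.name, e.uid, launcherUid});
    }
    return out;
}

// Returns the host UID behind a HyClone UID, or -1 if there is no mapping.
int HostUidFor(const std::vector<Mapped>& map, int hycloneUid) {
    for (const Mapped& m : map)
        if (m.hycloneUid == hycloneUid) return m.hostUid;
    return -1;
}

// Constructed sample: the host has root, alice (the launcher) and bob; the old
// HyClone file has a UID 0 entry, a HyClone-only account and a dangling mirror.
std::vector<Mapped> SampleMap() {
    return BuildPasswdMap({{"root", 0}, {"alice", 1000}, {"bob", 1001}},
                          {{"user", 0}, {"sshd", 1001}, {"carol", 2005}}, 1000);
}
```

A lookup such as `HostUidFor` is the kind of check a `_kern_setgroups`-style handler would need before deciding whether a requested ID is an emulated one or a host one.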