From 73fdc6b27a72394fbaaa2ff92fdbde3a422fd386 Mon Sep 17 00:00:00 2001
From: MasterofJOKers <joker@someserver.de>
Date: Wed, 8 Mar 2023 00:29:02 +0100
Subject: [PATCH] lxc-debian-userns: Handle uid-mapping with lxc-create

lxc-create will pass "--mapped-uid" and "--mapped-gid" into the
template, if there's an "lxc.idmap" option in the config file. We now
support getting these parameters as options.

Since an "lxc.idmap" option in the config makes lxc-create already
change the userns, we cannot support it. Therefore, we error out if we
see these options. Instead, we write the "lxc.idmap" options ourselves
based on the "--uidmap" and "--gidmap" options passed by the user.
---
 lxc/lxc-debian-userns | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/lxc/lxc-debian-userns b/lxc/lxc-debian-userns
index fa5b046..87e8254 100755
--- a/lxc/lxc-debian-userns
+++ b/lxc/lxc-debian-userns
@@ -64,7 +64,7 @@ parse_args() {
 	prog="${0}"
 	shift
 
-	options=$(getopt -o h -l help,path:,name:,rootfs:,mirror:,security-mirror:,auth-key:,release:,uidmap:,gidmap: -- "${@}")
+	options=$(getopt -o h -l help,path:,name:,rootfs:,mirror:,security-mirror:,auth-key:,release:,uidmap:,gidmap:,mapped-uid:,mapped-gid: -- "${@}")
 	if [ $? -ne 0 ]; then
 		usage "${prog}"
 		exit 1
@@ -86,6 +86,8 @@ parse_args() {
 			--auth-key)			auth_key=${2}; shift 2;;
 			--uidmap)           uidmap=${2}; shift 2;;
 			--gidmap)           gidmap=${2}; shift 2;;
+			--mapped-uid)		echo "Cannot run with lxc.idmap set in config. Use --uidmap/--gidmap template options instead."; exit 1; shift 2;;
+			--mapped-gid)		echo "Cannot run with lxc.idmap set in config. Use --uidmap/--gidmap template options instead."; exit 1; shift 2;;
 			*)					echo "programming error: found unknown opt ${1}"; exit 1; break;;
 		esac
 	done
@@ -143,6 +145,13 @@ install_debian() (
 )
 
 
+write_userns_to_config() (
+	# uses $path, $uidmap, $gidmap
+	printf "lxc.idmap = %s\n" "$(printf "%s" "${uidmap}" | tr ':' ' ')" >> "${path}/config"
+	printf "lxc.idmap = %s\n" "$(printf "%s" "${gidmap}" | tr ':' ' ')" >> "${path}/config"
+)
+
+
 parse_args "${0}" "${@}"
 
 check_required_binary "${0}" mmdebstrap || exit 1
@@ -151,3 +160,5 @@ check_required_binary "${0}" lxc-usernsexec || exit 1
 chown_mountpoint || exit 1
 
 install_debian
+
+write_userns_to_config