From e09ee6059369c026ed7913e7e8b9bd8be856afd1 Mon Sep 17 00:00:00 2001
From: MasterofJOKers
Date: Wed, 28 Jun 2023 18:25:29 +0200
Subject: [PATCH] lxc: Handle symlinks in rempa-uid-and-gid-for-lv
I previously thought that handling symlinks would not be necessary and also not possible. Then, I found out about the `--no-dereference` option for `chown` ...
---
 lxc/remap-uid-and-gid-for-lv | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/lxc/remap-uid-and-gid-for-lv b/lxc/remap-uid-and-gid-for-lv
index ca21fd1..bf24784 100755
--- a/lxc/remap-uid-and-gid-for-lv
+++ b/lxc/remap-uid-and-gid-for-lv
@@ -42,7 +42,19 @@ printf "uid: %s gid: %s\n" $ROOT_USER_ID $ROOT_GROUP_ID
 # We ignore links here, because they might not point to a valid location and would make our program fail. They are also
 # owned by whoever mounted the filesystem it seems, so don't need a chown.
-find . -xdev -not -type l -printf "%U %G %p\n" | \
+# Funny enough, the above statement is not true. I see symlinks in the container that are not owned by a valid user
+# inside the container ...
+# chown
+# -h, --no-dereference
+# affect symbolic links instead of any referenced file (useful only on systems
+# that can change the ownership of a symlink)
+#
+# --from=CURRENT_OWNER:CURRENT_GROUP
+# change the owner and/or group of each file only if its current owner and/or
+# group match those specified here. Either may be omitted, in which case a
+# match is not required for the omitted attribute
+#
+find . -xdev -printf "%U %G %p\n" | \
 while read F; do
 U=$(echo $F | cut -d ' ' -f 1)
 if [ ${U} -lt ${ROOT_USER_ID} ] || [ ${U} -gt $(( ${ROOT_USER_ID} + 65535 )) ]; then
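Review bot: The `find . -xdev -printf "%U %G %p\n" | while read F` pipeline splits records on newlines, and with `-not -type l` dropped it now also carries symlink names, which are chosen from inside the container. A name that contains a newline produces an extra record whose uid, gid and path fields come from the name itself, and `read` without `-r` together with the unquoted `echo $F` rewrites backslashes, runs of spaces and glob characters, so the path that later reaches `chown` need not be the one `find` visited. If the script runs under bash, emit NUL-terminated records and split them with parameter expansion instead of `echo | cut`: `find . -xdev -printf '%U %G %p\0' | while IFS= read -r -d '' F; do` followed by `U=${F%% *}`. The retained context comment "We ignore links here" is now false and is better deleted than contradicted two lines later. The loop body continues outside this hunk.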
@@ -63,8 +75,8 @@ find . -xdev -not -type l -printf "%U %G %p\n" | \
 fi
 P=$(echo $F | cut -d ' ' -f 3-)
- printf "chown %s:%s %s\n" ${NEW_U} ${NEW_G} "${P}"
- # chown ${NEW_U}:${NEW_G} "${P}"
+ printf "chown --no-dereference %s:%s %s\n" ${NEW_U} ${NEW_G} "${P}"
+ # chown --no-dereference ${NEW_U}:${NEW_G} "${P}"
 done
 cd /
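Review bot: The `chown --no-dereference` line does not use `--from`, even though the comment added in the first hunk quotes that option from the man page. `--no-dereference` only protects the final path component, and between `find` reporting an owner and `chown` running the entry can change if anything still writes to the volume (whether the container is stopped is not visible here). Making the change conditional on the owner `find` reported narrows that window and keeps a second run from shifting ids that were already remapped: `chown --no-dereference --from="${U}:${G}" "${NEW_U}:${NEW_G}" "${P}"`, where `G` stands for whichever variable holds the parsed gid outside this hunk. The enclosing `while` loop starts outside this hunk.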