path: root/0002-give-larger-idmappings-upward-of-nobody.patch
blob: 19a2d014bfcdec6d5de587c04d8b557f696de011 (plain)
From a2820a2278922c6ffd4610719a45d0c4a550bda4 Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 24 Jan 2022 17:34:51 +0100
Subject: [PATCH] homed: give users larger idmappings upward of UID_NOBODY

When using systemd-homed with idmapped mounts to manage home directories,
systemd will allocate a uid for the user in the range of
HOME_UID_MIN/60001, HOME_UID_MAX/60513. Say systemd allocated 60370 as
the user's uid. It will then create an idmapped mount with the following
idmapping for the user's home directory:

0 0 60001
60370 60370 1
60513 60513 5021

The problem is that this will prevent users from running containers as
nothing is mapped post UID_NOBODY. Give the users a 10m range starting
from UID_NOBODY + 1; this is enough to run a variety of isolated containers.

Issues with the current approach were reported on the systemd-devel
mailing list.
---
 src/home/home-util.h      | 1 +
 src/home/homework-mount.c | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/src/home/home-util.h b/src/home/home-util.h
index 69a88000f845..4b2dc52ab64a 100644
--- a/src/home/home-util.h
+++ b/src/home/home-util.h
@@ -11,6 +11,7 @@
 /* See https://systemd.io/UIDS-GIDS for details how this range fits into the rest of the world */
 #define HOME_UID_MIN 60001
 #define HOME_UID_MAX 60513
+#define HOME_UID_RANGE_MAX 10000000
 
 /* Put some limits on disk sizes: not less than 5M, not more than 5T */
 #define USER_DISK_SIZE_MIN (UINT64_C(5)*1024*1024)
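Review bot: HOME_UID_RANGE_MAX reads like an upper bound next to HOME_UID_MIN and HOME_UID_MAX, but in homework-mount.c it is passed as the third field of the idmapping line, which is a count of ids, not a uid. A name such as HOME_UID_RANGE_SIZE would prevent a later reader from comparing a uid against it. The new define also has no comment, unlike its neighbours under the UIDS-GIDS reference. Please add one line saying that the range starts at UID_NOBODY + 1 and why 10000000 was chosen.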
diff --git a/src/home/homework-mount.c b/src/home/homework-mount.c
index 0b028dad3769..89b9cddf0949 100644
--- a/src/home/homework-mount.c
+++ b/src/home/homework-mount.c
@@ -209,6 +209,12 @@ static int make_userns(uid_t stored_uid, uid_t exposed_uid) {
         if (r < 0)
                 return log_oom();
 
+        /* Map HOME_UID_RANGE_MAX ids upwards of UID_NOBODY to let unprivileged
+         * users run containers and other shenanigans. */
+        r = strextendf(&text, UID_FMT " " UID_FMT " " UID_FMT "\n", UID_NOBODY + 1, UID_NOBODY + 1, HOME_UID_RANGE_MAX);
+        if (r < 0)
+                return log_oom();
+
         /* Leave everything else unmapped, starting from UID_NOBODY itself. Specifically, this means the
          * whole space outside of 16bit remains unmapped */
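Review bot: the comment that follows the new block ("Leave everything else unmapped, starting from UID_NOBODY itself. Specifically, this means the whole space outside of 16bit remains unmapped") is no longer true once this line is added, because HOME_UID_RANGE_MAX ids starting at UID_NOBODY + 1 are now mapped and that range extends far beyond 16 bit. Please update it to say that only UID_NOBODY itself and everything above UID_NOBODY + HOME_UID_RANGE_MAX stay unmapped. Since the added line maps the range to itself (source and target are both UID_NOBODY + 1), it would also help to state in the new comment that files owned by those ids inside the home directory become visible under the same ids through the mount, so the security trade-off is documented alongside the container use case.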