Skip to content

add uid/gid mapping to mount #296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
utam0k merged 5 commits into from
Dec 29, 2025
Merged

add uid/gid mapping to mount #296

utam0k merged 5 commits into from
Dec 29, 2025
+74 −1

Conversation

@YamasouA
Copy link
Contributor

@YamasouA YamasouA commented Oct 11, 2025

What type of PR is this?

/kind feature

What this PR does / why we need it:

We support idmapped mount
youki-dev/youki#2307

Which issue(s) this PR fixes:

Closed. #295

Special notes for your reviewer:

ref

Does this PR introduce a user-facing change?

 It adds support for the uidMappings/gidMappings fields on Mount, exposing them in the JSON schema so users can express ID‑mapped mounts.

@saschagrunert
Copy link
Contributor

saschagrunert commented Oct 13, 2025

@YamasouA thank you for the PR, do you mind signing-off the commit?

@YamasouA
add uid/gid mapping config
ad0a564 
Signed-off-by: YamasouA <akiakiskyhand@gmail.com>
@YamasouA
cargo fmt
82016e2 
Signed-off-by: Akiyama <akiakiskyhand@gmail.com>
@YamasouA
Copy link
Contributor Author

YamasouA commented Oct 14, 2025

@saschagrunert
Thanks for your review, I signing-off the commit.

saschagrunert
saschagrunert reviewed Nov 3, 2025
View reviewed changes
src/runtime/miscellaneous.rs
Comment on lines 80 to 95

#[serde(
default,
skip_serializing_if = "Option::is_none",
rename = "uidMappings"
)]
/// UID mappings used for changing file owners w/o calling chown, fs should support it. Every mount point could have its own mapping.
uid_mappings: Option<Vec<LinuxIdMapping>>,

#[serde(
default,
skip_serializing_if = "Option::is_none",
rename = "gidMappings"
)]
/// GID mappings used for changing file owners w/o calling chown, fs should support it. Every mount point could have its own mapping.
gid_mappings: Option<Vec<LinuxIdMapping>>,
Copy link
Contributor

@saschagrunert saschagrunert Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to the OCI spec, uidMappings and gidMappings must be specified together. The current implementation allows setting one without the other.

I'd say we could add validation in the builder or as a separate validation method, like:

  • Add a custom build() validation in derive_builder
  • Add a validation method on Mount to check consistency
  • Document this requirement in the field comments

src/runtime/miscellaneous.rs Outdated
skip_serializing_if = "Option::is_none",
rename = "uidMappings"
)]
/// UID mappings used for changing file owners w/o calling chown, fs should support it. Every mount point could have its own mapping.
Copy link
Contributor

@saschagrunert saschagrunert Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about being a bit more verbose here:

Suggested change
/// UID mappings used for changing file owners w/o calling chown, fs should support it. Every mount point could have its own mapping.
/// UID mappings for ID-mapped mounts (Linux 5.12+).
///
/// Specifies how to map UIDs from the source filesystem to the destination mount point.
/// This allows changing file ownership without calling chown.
///
/// **Important**: If specified, gid_mappings MUST also be specified.
/// The mount options SHOULD include "idmap" or "ridmap".
///
/// See: https://github.com/opencontainers/runtime-spec/blob/main/config.md#posix-platform-mounts

Copy link
Contributor Author

@YamasouA YamasouA Dec 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@saschagrunert
Sorry for the late response.
I've fixed your review comments.

@YamasouA
fix review comment
fa72ef6 
Signed-off-by: Akiyama <akiakiskyhand@gmail.com>
@utam0k
Copy link
Member

utam0k commented Dec 29, 2025

@YamasouA May I ask you to check the failed CI?

@YamasouA
fix format
54138ad 
Signed-off-by: Akiyama <akiakiskyhand@gmail.com>
@YamasouA
tweak
9e8d302 
Signed-off-by: Akiyama <akiakiskyhand@gmail.com>
@YamasouA
Copy link
Contributor Author

YamasouA commented Dec 29, 2025

@utam0k
Thank you for your review!
I fix your review comment!

@utam0k
Copy link
Member

utam0k commented Dec 29, 2025

Thanks!

@utam0k utam0k merged commit d21e23b into youki-dev:main Dec 29, 2025
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@saschagrunert saschagrunert saschagrunert left review comments

@utam0k utam0k utam0k approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@YamasouA @saschagrunert @utam0k