// SetupUser switches the calling process to the identity of user u inside the
// container. It applies the supplementary groups first, then the gid, then the
// uid, and finally provides a HOME value if the environment has none.
//
// u is resolved with user.GetUserGroupSupplementaryHome; the current uid, the
// current gid and "/" are passed alongside it (presumably as fallback values;
// confirm against the user package).
//
// The first step that fails is returned as an error and the remaining steps
// are skipped. A caller must treat a non-nil error as "identity not fully
// changed" and must not go on to run the user's workload.
func SetupUser(u string) error {
	targetUID, targetGID, extraGIDs, homeDir, err := user.GetUserGroupSupplementaryHome(u, syscall.Getuid(), syscall.Getgid(), "/")
	if err != nil {
		return fmt.Errorf("get supplementary groups %s", err)
	}

	// The order is security-relevant: groups and gid are changed while the
	// process still holds its original uid. Once the uid has been dropped, the
	// kernel would normally refuse these calls, so setuid has to come last.
	// NOTE(review): whether syscall.Setgid/Setuid take effect on every OS
	// thread of the process depends on the Go toolchain and platform; verify
	// for the version this is built with.
	if err = syscall.Setgroups(extraGIDs); err != nil {
		return fmt.Errorf("setgroups %s", err)
	}
	if err = syscall.Setgid(targetGID); err != nil {
		return fmt.Errorf("setgid %s", err)
	}
	if err = syscall.Setuid(targetUID); err != nil {
		return fmt.Errorf("setuid %s", err)
	}

	// A HOME that is already present and non-empty is left untouched.
	if os.Getenv("HOME") != "" {
		return nil
	}
	if err = os.Setenv("HOME", homeDir); err != nil {
		return fmt.Errorf("set HOME %s", err)
	}
	return nil
}
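// realMain runs the whole flow and returns the process exit status: 0 when
// nsenterexec returns without error, 1 on any reported failure.
//
// Steps, in order: check the Docker version, resolve the current user, load
// and interpolate the configuration, make sure the container is available
// (dockerstart is called when dockerpid returns an error for the configured
// container name), look up the user's supplementary groups, and hand over to
// nsenterexec with the user's uid, gid and groups.
//
// Failures are written to stderr, except a failed config interpolation, which
// panics.
func realMain() int {
	err := dockerVersionCheck()
	if err != nil {
		fmt.Fprintf(os.Stderr, "Docker version error: %v", err)
		return 1
	}

	username, homedir, uid, gid, err := getCurrentUser()
	if err != nil {
		fmt.Fprintf(os.Stderr, "could not get current user: %v", err)
		return 1
	}

	config, err := loadAllConfig(username, homedir)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Could not load config: %v\n", err)
		return 1
	}

	configInterpolations := configInterpolation{homedir, username}
	err = getInterpolatedConfig(&config, configInterpolations)
	if err != nil {
		// NOTE(review): this is the only failure path that panics instead of
		// returning 1; kept as in the original.
		panic(fmt.Sprintf("Cannot interpolate config: %v", err))
	}

	// An error from dockerpid is taken to mean the container has to be started.
	_, err = dockerpid(config.ContainerName)
	if err != nil {
		_, err = dockerstart(config)
		if err != nil {
			fmt.Fprintf(os.Stderr, "could not start container: %s\n", err)
			return 1
		}
	}

	// NOTE(review): 65536 is passed for both numeric arguments, presumably as
	// fallback uid/gid; confirm against the user package.
	_, _, groups, _, err := user.GetUserGroupSupplementaryHome(username, 65536, 65536, "/")
	if err != nil {
		// Fail closed: the original overwrote this error without checking it,
		// so a failed lookup still entered the container with whatever group
		// list came back. The shell must only run with a group set that was
		// actually resolved for this user.
		fmt.Fprintf(os.Stderr, "could not get supplementary groups: %v\n", err)
		return 1
	}

	err = nsenterexec(config.ContainerName, uid, gid, groups, config.UserCwd, config.Shell)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error starting shell in new container: %v\n", err)
		return 1
	}
	return 0
}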
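// realMain runs the whole flow and returns the process exit status: 0 when
// nsenterexec returns without error, 1 on any reported failure.
//
// Steps, in order: resolve the current user, load the configuration, expand
// the templated config values with tmplConfigVar, make sure the container is
// available (dockerstart is called when dockerpid returns an error for the
// expanded container name), look up the user's supplementary groups, and hand
// over to nsenterexec with the user's uid, gid and groups.
func realMain() int {
	username, homedir, uid, gid, err := getCurrentUser()
	if err != nil {
		fmt.Fprintf(os.Stderr, "could not get current user: %v", err)
		return 1
	}

	config, err := loadAllConfig(username, homedir)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Could not load config: %v\n", err)
		return 1
	}

	// Expand each templated config field once; the expanded values are the
	// ones used from here on.
	configInterpolations := configInterpolation{homedir, username}
	realUsername := tmplConfigVar(config.ContainerUsername, &configInterpolations)
	realHomedirTo := tmplConfigVar(config.MountHomeTo, &configInterpolations)
	realHomedirFrom := tmplConfigVar(config.MountHomeFrom, &configInterpolations)
	realImageName := tmplConfigVar(config.ImageName, &configInterpolations)
	realShell := tmplConfigVar(config.Shell, &configInterpolations)
	realUserCwd := tmplConfigVar(config.UserCwd, &configInterpolations)
	realContainerName := tmplConfigVar(config.ContainerName, &configInterpolations)

	// An error from dockerpid is taken to mean the container has to be started.
	_, err = dockerpid(realContainerName)
	if err != nil {
		_, err = dockerstart(realUsername, realHomedirFrom, realHomedirTo, realContainerName, realImageName, config.DockerSocket, config.MountHome, config.MountTmp, config.MountDockerSocket, config.Entrypoint, config.Cmd, config.DockerOpt)
		if err != nil {
			fmt.Fprintf(os.Stderr, "could not start container: %s\n", err)
			return 1
		}
	}

	// NOTE(review): 65536 is passed for both numeric arguments, presumably as
	// fallback uid/gid; confirm against the user package.
	_, _, groups, _, err := user.GetUserGroupSupplementaryHome(username, 65536, 65536, "/")
	if err != nil {
		// Fail closed: the original overwrote this error without checking it,
		// so a failed lookup still entered the container with whatever group
		// list came back. The shell must only run with a group set that was
		// actually resolved for this user.
		fmt.Fprintf(os.Stderr, "could not get supplementary groups: %v\n", err)
		return 1
	}

	err = nsenterexec(realContainerName, uid, gid, groups, realUserCwd, realShell)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error starting shell in new container: %v\n", err)
		return 1
	}
	return 0
}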