unshare: Add options to identity map the user's subordinate uids and gids
--map-users=auto, --map-groups=auto and --map-auto allow automatically
mapping the first block of user or group IDs owned by the effective user
from /etc/sub[ug]id to a block starting at user ID 0. Add options
--map-users=subids, --map-groups=subids and --map-subids to perform a
mapping of the same IDs, but as an identity mapping instead of to UID 0.
This is useful in similar situations to --map-current-user, but preserves
access to the user's subordinate IDs. That allows nested namespaces to
be created with more complex user mappings, either with unshare or with
a container runtime such as podman.
Fixes: https://github.com/util-linux/util-linux/issues/3120 Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
projects / thirdparty / util-linux.git / commit
