config: process.user.username is implementation-defined on Windows

On POSIX (currently Linux and Solaris), `uid` and `gid` are required. My preferred approach here is to make those optional and use platform defaults [1,2]: If unset, the runtime will not attempt to manipulate the user ID (e.g. not calling setuid(2) or similar). But the maintainer consensus is that they want those to be explicitly required properties [3,4,5]. The Windows `username`, on the other hand, was optional, although the default behavior is unclear. I see no discussion in f9e48e0 (Windows: User struct changes, 2016-09-14, opencontainers#565) or its pull-request discussion to suggest whether this was intentionally approved or not. When I asked whether the optional-ness was intentional, Michael said [6]: No, both should be made explicit unless there is something on windows that prohibits this. However, when I filed a pull request to make the property required, John pushed back [7] and prefered implementation-defined default behavior. I'm still not clear if that satisfies Michael's "prohibits" condition, but having optional user values is closer to my personal preference than requiring the property, and John seems to be fairly strongly against requiring the property, so this commit documents the default value to make the OPTIONAL-ness useful. I've also added the property to the JSON Schema for validation. The empty-string bit follows wording from 'annotations', and avoids ambiguity with the non-pointer Go property. I doubt empty-string usernames would work, and having the restriction in the spec allows for us to validate this in runtime-tools (vs. passing validation and then failing to launch a container when the runtime chokes on the empty string). [1]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/DWdystx5X3A [2]: opencontainers#417 (comment) Subject: Exposing platform defaults Date: Thu, 14 Jan 2016 15:36:26 -0800 Message-ID: <20160114233625.GN6362@odin.tremily.us> [3]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2016/opencontainers.2016-05-04-17.00.log.html#l-44 [4]: opencontainers#417 (comment) [5]: opencontainers#417 (comment) [6]: opencontainers#618 (comment) [7]: opencontainers#760 (comment) [8]: opencontainers#760 (comment) Signed-off-by: W. Trevor King <wking@tremily.us>
wking · Apr 24, 2017 · a3ef036 · a3ef036
1 parent 4754b55
commit a3ef036
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/config.md b/config.md
@@ -260,6 +260,8 @@ _Note: symbolic name for uid and gid, such as uname and gname respectively, are
 For Windows based systems the user structure has the following fields:
 
 * **`username`** (string, OPTIONAL) specifies the user name for the process.
+    The value MUST NOT be an empty string.
+    The default `username` is implementation-defined.
 
 ### Example (Windows)
 

diff --git a/schema/config-schema.json b/schema/config-schema.json
@@ -130,6 +130,11 @@
                         "additionalGids": {
                             "id": "https://opencontainers.org/schema/bundle/process/user/additionalGids",
                             "$ref": "defs.json#/definitions/ArrayOfGIDs"
+                        },
+                        "username": {
+                            "id": "https://opencontainers.org/schema/bundle/process/user/username",
+                            "type": "string",
+                            "minLength": 1
                         }
                     }
                 },