From a3ef0360f8f37367067a480968fe6c433e12d1b5 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Thu, 6 Apr 2017 22:18:10 -0700 Subject: [PATCH] config: process.user.username is implementation-defined on Windows On POSIX (currently Linux and Solaris), `uid` and `gid` are required. My preferred approach here is to make those optional and use platform defaults [1,2]: If unset, the runtime will not attempt to manipulate the user ID (e.g. not calling setuid(2) or similar). But the maintainer consensus is that they want those to be explicitly required properties [3,4,5]. The Windows `username`, on the other hand, was optional, although the default behavior is unclear. I see no discussion in f9e48e00 (Windows: User struct changes, 2016-09-14, #565) or its pull-request discussion to suggest whether this was intentionally approved or not. When I asked whether the optional-ness was intentional, Michael said [6]: No, both should be made explicit unless there is something on windows that prohibits this. However, when I filed a pull request to make the property required, John pushed back [7] and prefered implementation-defined default behavior. I'm still not clear if that satisfies Michael's "prohibits" condition, but having optional user values is closer to my personal preference than requiring the property, and John seems to be fairly strongly against requiring the property, so this commit documents the default value to make the OPTIONAL-ness useful. I've also added the property to the JSON Schema for validation. The empty-string bit follows wording from 'annotations', and avoids ambiguity with the non-pointer Go property. I doubt empty-string usernames would work, and having the restriction in the spec allows for us to validate this in runtime-tools (vs. passing validation and then failing to launch a container when the runtime chokes on the empty string). [1]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/DWdystx5X3A [2]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216076069 Subject: Exposing platform defaults Date: Thu, 14 Jan 2016 15:36:26 -0800 Message-ID: <20160114233625.GN6362@odin.tremily.us> [3]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2016/opencontainers.2016-05-04-17.00.log.html#l-44 [4]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216937010 [5]: https://github.com/opencontainers/runtime-spec/pull/417#issuecomment-216937090 [6]: https://github.com/opencontainers/runtime-spec/issues/618#issuecomment-277105273 [7]: https://github.com/opencontainers/runtime-spec/pull/760#issuecomment-292446626 [8]: https://github.com/opencontainers/runtime-spec/pull/760#issuecomment-296731380 Signed-off-by: W. Trevor King --- config.md | 2 ++ schema/config-schema.json | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/config.md b/config.md index efaf0a0e5..8ed840406 100644 --- a/config.md +++ b/config.md @@ -260,6 +260,8 @@ _Note: symbolic name for uid and gid, such as uname and gname respectively, are For Windows based systems the user structure has the following fields: * **`username`** (string, OPTIONAL) specifies the user name for the process. + The value MUST NOT be an empty string. + The default `username` is implementation-defined. ### Example (Windows) diff --git a/schema/config-schema.json b/schema/config-schema.json index 87e46dfef..ebba3fcb6 100644 --- a/schema/config-schema.json +++ b/schema/config-schema.json @@ -130,6 +130,11 @@ "additionalGids": { "id": "https://opencontainers.org/schema/bundle/process/user/additionalGids", "$ref": "defs.json#/definitions/ArrayOfGIDs" + }, + "username": { + "id": "https://opencontainers.org/schema/bundle/process/user/username", + "type": "string", + "minLength": 1 } } },