view release on metacpan or  search on metacpan

lib/App/LXC/Container/Run.pm  view on Meta::CPAN

	elsif ($mapped > 0)
	{   error('broken_user_mapping__1', ACCOUNT_FILES_STR);   }
	else
	{
	    my $lxc_etc = $self->{root} . '/etc/';
	    my $re_ids = $self->{user};
	    # TODO: Should we distinguish UIDs/GIDs?  For now we just simply
	    # add them all.  This has the charm that files of other users
	    # within the same group will be visible with their names in
	    # directory listings.  The disadvantage is making them known by
	    # name (but the password hashes are always safe):
	    foreach (@{$self->{uids}}, @{$self->{gids}})
	    {   $re_ids .= '|' . $_;   }
	    foreach (ACCOUNT_FILES)
	    {
		# remove first to be sure not to overwrite something linked:
		if (-f $lxc_etc . $_)
		{
		    unlink $lxc_etc . $_
			or  fatal 'can_t_remove__1__2', $lxc_etc . $_, $!;
		}
		open my $in, '<', $_root_etc . $_
		    or  fatal 'can_t_open__1__2', $_root_etc . $_, $!;
		open my $out, '>', $lxc_etc . $_
		    or  fatal 'can_t_open__1__2', $lxc_etc . $_, $!;
		while (<$in>)
		{
		    next unless m/(?:^|[:,])(?:$re_ids|root)(?:[:,]|$)/;
		    # If applicable, remove the encrypted password, as it's
		    # not needed inside of the container:
		    s/^([^:]+):([^!:*][^:*][^:]+):/$1:!:/;
		    print $out $_;
		}
		close $out;
		close $in;
	    }
	}
    }
}