ahmetozer · ahmetozer · Nov 11, 2025 · Nov 11, 2025 · Nov 11, 2025
diff --git a/pkg/container/cruntime/exec.go b/pkg/container/cruntime/exec.go
@@ -70,18 +70,16 @@ func Exec(c []string, chroot string, user string) (exitCode int, err error) {
 		// Cloneflags: unix.CLONE_NEWUTS,
 	}
 
-	if user != "" {
-		u, err2 := getUser(user)
-		if err2 != nil {
-			err = err2
-			return
-		}
+	u, err2 := getUser(user)
+	if err2 != nil {
+		err = err2
+		return
+	}
 
-		cmd.SysProcAttr.Credential = u.Credential
-		if u.User != nil && u.User.HomeDir != "" {
-			cmd.Dir = u.User.HomeDir
-			cmd.Env = append([]string{"HOME=" + u.User.HomeDir}, cmd.Env...)
-		}
+	cmd.SysProcAttr.Credential = u.Credential
+	if u.User != nil && u.User.HomeDir != "" {
+		cmd.Dir = u.User.HomeDir
+		cmd.Env = append([]string{"HOME=" + u.User.HomeDir}, cmd.Env...)
 	}
 
 	if chroot != "" {

diff --git a/pkg/container/cruntime/init.go b/pkg/container/cruntime/init.go
@@ -16,7 +16,7 @@ import (
 	"golang.org/x/sys/unix"
 )
 
-// Executed at namespace environement before real process
+// Executed at namespace environment before real process
 func ContainerInitProc() {
 	runtime.GOMAXPROCS(1)
 
@@ -124,21 +124,29 @@ func ContainerInitProc() {
 			return fmt.Errorf("unable to find %s: %s", c.ContArgs[0], err)
 		}
 
-		if c.Dir != "/" {
-			os.Chdir(c.Dir)
-		}
-
+		var environ []string
 		user, err := getUser(c.User)
 		if err != nil {
 			return err
 		}
+
+		if user.User != nil && user.User.HomeDir != "" {
+			environ = []string{"HOME=" + user.User.HomeDir}
+		}
+
+		environ = append(environ, os.Environ()...)
+
 		err = switchUser(user)
 		if err != nil {
 			return err
 		}
 
+		if c.Dir != "" {
+			os.Chdir(c.Dir)
+		}
+
 		// Jump to real process
-		if err := unix.Exec(execPath, append([]string{c.ContArgs[0]}, c.ContArgs[1:]...), os.Environ()); err != nil {
+		if err := unix.Exec(execPath, append([]string{c.ContArgs[0]}, c.ContArgs[1:]...), environ); err != nil {
 			return fmt.Errorf("unable to exec %s: %s", c.ContArgs[0], err)
 		}
 		return nil

diff --git a/pkg/container/cruntime/user.go b/pkg/container/cruntime/user.go
@@ -15,6 +15,18 @@ type User struct {
 
 func getUser(ug string) (User User, err error) {
 	if ug == "" {
+		// set default user to root
+		User.User = &os_user.User{
+			Uid:      "0",
+			Gid:      "0",
+			Username: "root",
+			Name:     "root",
+			HomeDir:  "/root",
+		}
+		User.Credential = &syscall.Credential{
+			Uid: 0,
+			Gid: 0,
+		}
 		return
 	}
 
@@ -24,6 +36,7 @@ func getUser(ug string) (User User, err error) {
 	)
 	user_group := strings.Split(ug, ":")
 
+	// if it's user id instead of username set username, else get user id from username
 	if uid, err = strconv.ParseUint(user_group[0], 10, 32); err != nil {
 		User.User, err = os_user.Lookup(user_group[0])
 		if err == nil {
@@ -44,6 +57,7 @@ func getUser(ug string) (User User, err error) {
 		user_group = append(user_group, user_group[0])
 	}
 
+	// if it's group id instead of groupname set groupid, else get user id from groupname
 	if gid, err = strconv.ParseUint(user_group[1], 10, 32); err != nil {
 		group, err := os_user.LookupGroup(user_group[1])
 		if err == nil {
@@ -69,6 +83,8 @@ func switchUser(user User) error {
 	}
 
 	if user.User.HomeDir != "" {
+		// error excepted because if home dir is not availbe
+		// expected behivor keep at /
 		os.Chdir(user.User.HomeDir)
 	}