Merge pull request #1951 from karuboniru/main

Move notify handler before mounts to primary uid namespace

Author: giuseppe

src/libcrun/container.h

@@ -29,6 +29,7 @@ enum handler_configure_phase
   HANDLER_CONFIGURE_BEFORE_MOUNTS = 1,
   HANDLER_CONFIGURE_AFTER_MOUNTS,
   HANDLER_CONFIGURE_MOUNTS,
+  HANDLER_CONFIGURE_BEFORE_USERNS
 };
 
 struct custom_handler_manager_s;

src/libcrun/handlers/krun.c

@@ -467,7 +467,7 @@ libkrun_configure_container (void *cookie, enum handler_configure_phase phase,
         return crun_make_error (err, errno, "open `%s`", rootfs);
     }
 
-  if (phase == HANDLER_CONFIGURE_BEFORE_MOUNTS)
+  if (phase == HANDLER_CONFIGURE_BEFORE_USERNS)
     {
       cleanup_free char *origin_config_path = NULL;
       cleanup_free char *state_dir = NULL;

src/libcrun/linux.c

@@ -5033,6 +5033,11 @@ libcrun_run_linux_container (libcrun_container_t *container, container_entrypoin
   if (UNLIKELY (ret < 0))
     return ret;
 
+  ret = libcrun_container_notify_handler (args, HANDLER_CONFIGURE_BEFORE_USERNS, container,
+                                          container->container_def->root ? container->container_def->root->path : NULL, err);
+  if (UNLIKELY (ret < 0))
+    return ret;
+
   /* If a new user namespace must be created, but there are other namespaces to join, then delay
      the userns creation after the namespaces are joined.  */
   init_status.delayed_userns_create