reintroduce store: allow shifting only with contiguous mappings

[giuseppe]

reintroduce store: allow shifting only with contiguous mappings after it was reverted.

enable fuse-overlayfs shifting only when the specified mapping is contiguous.

Closes: containers/podman#10272

Signed-off-by: Giuseppe Scrivano [email protected]

The difference with the first version:

diff --git a/store.go b/store.go
index 22f932698..759407c63 100644
--- a/store.go
+++ b/store.go
@@ -1114,7 +1114,7 @@ func (s *store) CreateImage(id string, names []string, layer, metadata string, o
 func (s *store) imageTopLayerForMapping(image *Image, ristore ROImageStore, createMappedLayer bool, rlstore LayerStore, lstores []ROLayerStore, options types.IDMappingOptions) (*Layer, error) {
        layerMatchesMappingOptions := func(layer *Layer, options types.IDMappingOptions) bool {
                // If the driver supports shifting and the layer has no mappings, we can use it.
-               if s.canUseShifting(layer.UIDMap, layer.GIDMap) && len(layer.UIDMap) == 0 && len(layer.GIDMap) == 0 {
+               if s.canUseShifting(options.UIDMap, options.GIDMap) && len(layer.UIDMap) == 0 && len(layer.GIDMap) == 0 {
                        return true
                }
                // If we want host mapping, and the layer uses mappings, it's not the best match.
@@ -2706,7 +2706,7 @@ func (s *store) Mount(id, mountLabel string) (string, error) {
                                options.Volatile = v.(bool)
                        }
                }
-               options.DisableShifting = true
+               options.DisableShifting = !s.canUseShifting(container.UIDMap, container.GIDMap)
        }
        return s.mount(id, options)
 }

with this patch I get:

$ ./bin/podman run --rm --userns=keep-id  fedora  stat -c '%u:%g:%n'  /etc
0:0:/etc

[rhatdan]

LGTM

[rhatdan]

@vrothberg @saschagrunert @TomSweeneyRedHat @nalind @ashley-cui @umohnani8 PTAL

[vrothberg]

LGTM