Relaxed checking of userns_mode

When using docker-compose in combination with rootless podman containers it is desirable to use the keep-id user namespace mapping. By lifting the restriction to 'host' the userns_mode config can now be used with podman to supply the keep-id or more complex configurations. Signed-off-by: Jonathan Hettwer (bauen1) <[email protected]>
docker · Feb 29, 2024 · 2cebb82 · 2cebb82
1 parent bd164f9
commit 2cebb82
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/docker/types/containers.py b/docker/types/containers.py
@@ -544,8 +544,13 @@ def __init__(self, version, binds=None, port_bindings=None,
             if version_lt(version, '1.23'):
                 raise host_config_version_error('userns_mode', '1.23')
 
-            if userns_mode != "host":
-                raise host_config_value_error("userns_mode", userns_mode)
+            # Do not check that userns_mode has a specific value, i.e. 'host'
+            # since more complex values might be supported by the daemon exposing
+            # the docker api, e.g. podman also supports 'keep-id'
+
+            if not isinstance(userns_mode, str):
+                raise host_config_type_error('userns_mode', userns_mode, 'string')
+
             self['UsernsMode'] = userns_mode
 
         if uts_mode: