Map the chronos-access group into the container
The Downloads folder has permissions 0710, with the group set to
chronos-access (gid 1001). This group is not mapped into the container,
which leads to the Downloads folder having the "nobody" group. This
prevents the root user from inside the container from accessing the
files in the Downloads directory.
Create the chronos-access group inside the container and identity map in
gid 1001 so that the root user inside the container still has access to
the contents of Downloads.
TEST=`sudo ls /mnt/chromeos/MyFiles/Downloads/foo.txt` works inside the
Commit-Ready: ChromeOS CL Exonerator Bot <firstname.lastname@example.org>
Tested-by: Chirantan Ekbote <email@example.com>
Reviewed-by: Stephen Barber <firstname.lastname@example.org>
2 files changed
Tremplin is the “springboard” daemon that runs in the Termina VM and exposes a gRPC interface for managing LXD containers.