From 0637eebefecd90819e6c98c99b56a0dc33ee6063 Mon Sep 17 00:00:00 2001
From: argetlam-coder <84507719+argetlam-coder@users.noreply.github.com>
Date: Wed, 5 Oct 2022 02:12:13 +0200
Subject: [PATCH] docker: add configuration for user namespace remapping (#121)
---
 config/config_docker.go | 8 ++++++++
 environment/docker/container.go | 1 +
 server/install.go | 1 +
 3 files changed, 10 insertions(+)
diff --git a/config/config_docker.go b/config/config_docker.go
index 689b98c..d509703 100644
--- a/config/config_docker.go
+++ b/config/config_docker.go
@@ -78,6 +78,14 @@ type DockerConfiguration struct {
 Overhead Overhead `json:"overhead" yaml:"overhead"`
 UsePerformantInspect bool `default:"true" json:"use_performant_inspect" yaml:"use_performant_inspect"`
+
+ // Sets the user namespace mode for the container when user namespace remapping option is
+ // enabled.
+ //
+ // If the value is blank, the daemon's user namespace remapping configuration is used,
+ // if the value is "host", then the pterodactyl containers are started with user namespace
+ // remapping disabled
+ UsernsMode string `default:"" json:"userns_mode" yaml:"userns_mode"`
 }
 // RegistryConfiguration defines the authentication credentials for a given
diff --git a/environment/docker/container.go b/environment/docker/container.go
index 366d45b..8f05963 100644
--- a/environment/docker/container.go
+++ b/environment/docker/container.go
@@ -261,6 +261,7 @@ func (e *Environment) Create() error {
 "fowner", "fsetid", "net_bind_service", "sys_chroot", "setfcap",
 },
 NetworkMode: networkMode,
+ UsernsMode: container.UsernsMode(config.Get().Docker.UsernsMode),
 }
 if _, err := e.client.ContainerCreate(ctx, conf, hostConf, nil, nil, e.Id); err != nil {
diff --git a/server/install.go b/server/install.go
index 8716d2d..d0259b5 100644
--- a/server/install.go
+++ b/server/install.go
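Review bot: `UsernsMode` in `DockerConfiguration` is a free-form string whose comment documents only two meanings (blank and "host"), yet nothing on the visible lines rejects any other value before the casts in `Create()` (environment/docker/container.go) and `Execute()` (server/install.go) pass it to the daemon. A typo would presumably surface only as a container-create failure at runtime; checking the value once when the configuration is loaded, for example with `if !container.UsernsMode(v).Valid() { ... }`, would fail early with a clear message. The field comment should also state what "host" costs, since with remapping off uid 0 inside the container is uid 0 on the host: `// Setting "host" removes the uid/gid remapping isolation layer for every container started with this setting.` Starting the comment with the field name (`// UsernsMode sets ...`) and ending it with a period would match Go doc conventions.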
@@ -449,6 +449,7 @@ func (ip *InstallationProcess) Execute() (string, error) {
 },
 Privileged: true,
 NetworkMode: container.NetworkMode(config.Get().Docker.Network.Mode),
+ UsernsMode: container.UsernsMode(config.Get().Docker.UsernsMode),
 }
 // Ensure the root directory for the server exists properly before attempting
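Review bot: The installer container in `Execute()` is created with `Privileged: true` and now reads the same `Docker.UsernsMode` value as the server containers built in `Create()`, so the two cannot be configured separately. Docker documents privileged mode as incompatible with user namespace remapping unless the container runs in the host user namespace, so on a daemon with remapping enabled the blank default will probably make installs fail, and the only fix available through this option is "host", which also turns remapping off for every server container. Consider forcing the host namespace only for this privileged container, or giving the installer its own setting, and record the constraint next to the field with `// Privileged containers require the host user namespace when the daemon has userns-remap enabled.` `Execute()` starts and continues outside this hunk, so the rest of the host configuration is not visible here.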