From cc890c8c4a39e9b52f69fc66640fbffdc2ab2e9f Mon Sep 17 00:00:00 2001
From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Date: Mon, 15 Apr 2024 14:53:06 +0200
Subject: [PATCH] lxd/device/device_utils_disk: fix diskAddRootUserNSEntry to
 add root mapping only if it's required

Fix diskAddRootUserNSEntry logic to correcly handle case when
we have not-groupped UID/GID mapping like this:
[{true false 1000 0 1} {false true 1000 0 1}]

because right now it assumes that mapping should be like
[{true true 1000 0 1}]

which is logically equivalent.

This become noticable after my change in #12718, before that
this issue in logic was reproducible only if user will do something like this:
  cat << EOF
uid $(id -u) 1000000
gid $(id -g) 1000000
EOF
  ) | lxc config set idmap raw.idmap -
which is an extremely rare usecase.

Fixes: #13325
Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
---
 lxd/device/device_utils_disk.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxd/device/device_utils_disk.go b/lxd/device/device_utils_disk.go
index 6df461345e6f..7e84609389c6 100644
--- a/lxd/device/device_utils_disk.go
+++ b/lxd/device/device_utils_disk.go
@@ -279,7 +279,7 @@ func diskAddRootUserNSEntry(idmaps []idmap.IdmapEntry, hostRootID int64) []idmap
 				needsNSGIDRootEntry = false // Root GID mapping already present.
 			}
 
-			if !needsNSUIDRootEntry && needsNSGIDRootEntry {
+			if !needsNSUIDRootEntry && !needsNSGIDRootEntry {
 				break // If we've found a root entry for UID and GID then we don't need to add one.
 			}
 		}