--user flag not respected under (rootless) podman #123
Labels
help wanted
Extra attention is needed
Comments
|
Yes, not all container semantics are supported in libkrun, but this one should be relatively easy to adopt. Could you please explain a bit the use case? |
|
In general terms, this article covers a lot of the reasons for container images to still use a different user account even in rootless mode. For me specifically, I was using a 3rd-party containerised application that was configured to run as a non-root user witin the container. Edit: and more generally, 3rd-party containers that have been secured this way (with the expectation that they might be run under a rootful runtime), will break under libkrun otherwise. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Regardless of the value of
--user, pods started with (rootless) podman + krun have a UID/GID of 0 within the container.krun:
Another runtime (crun):
The text was updated successfully, but these errors were encountered: