Using runc inside a pod in kubernetes with least privileges #2526

Open
ashokponkumar opened this issue Jul 22, 2020 · 0 comments

@ashokponkumar
Contributor

I am currently able to run a container within an OpenShift/Kubernetes pod, with the below security context for the container.

  securityContext:
    privileged: true
    runAsUser: 0

When I remove either of them, I am running into multiple errors. Currently I am using ubi8 as the base image.

Just wondering what would be the minimum permissions I need to grant to the container for me to be able to successfully execute runc inside the container. I have read multiple blog posts and issues, but could not find a single simple list. From this PR, I understand that running rootless should be possible. But I want to know the bare minimum mandatory permissions.
