[Container-tools] what part of podman still *requires* root privilege?
Daniel Walsh
dwalsh at redhat.com
Mon Apr 1 23:03:31 UTC 2019
On 3/31/19 12:31 PM, Chris Negus wrote:
> ----- Original Message -----
>> On 3/31/19 4:57 AM, Robert P. J. Day wrote:
>>> On Sun, 31 Mar 2019, Muayyad AlSadi wrote:
>>>
>>>> the latest podman can work fine without the need for root
>>>>
>>>> you need root if you want to do privileged things in the host like binding
>>>> to privilidged ports <1024, for example
>>>> podman run -p 80:80
>>>> but as far as the container is concerned you can work fully non-root, ex
>>>> -p 8080:80
>>>>
>>>> I've tested fully unprivileged to run a complex stack
>>>>
>>>> https://github.com/muayyad-alsadi/podman-compose
>>>> https://twitter.com/muayyadalsadi/status/1105047189880012800
>>> excellent, that's what i wanted to know, thanks.
>>>
>>> rday
>>>
>> We actually have a whole list of items that you can't do as non root,
>> but I think it is only external right now. We need to make this public.
> Is there a list somewhere of the items requiring root privilege. I can put it in the user docs.
>
> -- Chris Negus
I just opened a PR to document them.
https://github.com/containers/libpod/pull/2820
>
>> _______________________________________________
>> Container-tools mailing list
>> Container-tools at redhat.com
>> https://www.redhat.com/mailman/listinfo/container-tools
>>
More information about the Container-tools
mailing list