[Container-tools] what part of podman still *requires* root privilege?
Muayyad AlSadi
alsadi at gmail.com
Sun Mar 31 08:12:25 UTC 2019
the latest podman can work fine without the need for root
you need root if you want to do privileged things in the host like binding
to privilidged ports <1024, for example podman run -p 80:80
but as far as the container is concerned you can work fully non-root, ex -p
8080:80
I've tested fully unprivileged to run a complex stack
https://github.com/muayyad-alsadi/podman-compose
https://twitter.com/muayyadalsadi/status/1105047189880012800
On Sat, Mar 30, 2019 at 10:50 PM Robert P. J. Day <rpjday at crashcourse.ca>
wrote:
>
> currently messing with podman 1.1.2 on fedora 30 branched, and while
> reading doug tidwell's online piece, "Podman - The next generation of
> Linux container tools",
>
>
> https://developers.redhat.com/articles/podman-next-generation-linux-container-tools/
>
> i noticed the claim:
>
> "The goal for podman version 1.0 is that the command should never
> require root access."
>
> however, the man page states:
>
> "Most Podman commands can be run as a regular user, without requiring
> additional privileges.
>
> i am simply curious about the disconnect there -- what parts of
> podman still require root access given the previous goal? thanks.
>
> rday
>
> --
>
> ========================================================================
> Robert P. J. Day Ottawa, Ontario, CANADA
> http://crashcourse.ca
>
> Twitter: http://twitter.com/rpjday
> LinkedIn: http://ca.linkedin.com/in/rpjday
> ========================================================================
>
> _______________________________________________
> Container-tools mailing list
> Container-tools at redhat.com
> https://www.redhat.com/mailman/listinfo/container-tools
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/container-tools/attachments/20190331/8938188f/attachment.htm>
More information about the Container-tools
mailing list