[Virtio-fs] [PATCH v3] virtiofsd: add container-friendly -o sandbox=chroot option

Chirantan Ekbote chirantan at chromium.org
Mon Oct 19 09:43:41 UTC 2020


On Thu, Oct 8, 2020 at 5:55 PM Stefan Hajnoczi <stefanha at redhat.com> wrote:
>
> virtiofsd cannot run in a container because CAP_SYS_ADMIN is required to
> create namespaces.
>

In crosvm we deal with this by also creating a user namespace, which
then allows us to create the mount, net, and pid namespaces as well.
Could that also work for virtiofsd?
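
The approach the reply describes, as an added example that is neither crosvm's nor virtiofsd's code: an unprivileged process first creates a user namespace, which gives it CAP_SYS_ADMIN inside that namespace, and then creates the mount, net and pid namespaces. The function names and the single-id mapping are assumptions, and the result depends on the kernel permitting unprivileged user namespaces.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Format one uid_map/gid_map line mapping a single outside id to id 0 inside. */
int format_id_map(char *buf, size_t len, unsigned outside_id) {
    return snprintf(buf, len, "0 %u 1\n", outside_id);
}

static int write_file(const char *path, const char *data) {
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data) ? 0 : -1;
}

/* Runs in a forked child: 0 on success, otherwise the number of the failed step. */
static int enter_sandbox(void) {
    char map[32];
    unsigned uid = geteuid(), gid = getegid(); /* ids as seen before unshare */
    /* Step 1: creating a user namespace needs no capability in the parent one. */
    if (unshare(CLONE_NEWUSER) != 0) return 1;
    /* Step 2: map the caller to id 0 inside; setgroups is denied before gid_map. */
    format_id_map(map, sizeof map, uid);
    if (write_file("/proc/self/uid_map", map) != 0) return 2;
    if (write_file("/proc/self/setgroups", "deny") != 0) return 2;
    format_id_map(map, sizeof map, gid);
    if (write_file("/proc/self/gid_map", map) != 0) return 2;
    /* Step 3: CAP_SYS_ADMIN in the new user namespace now permits the rest. */
    if (unshare(CLONE_NEWNS | CLONE_NEWNET | CLONE_NEWPID) != 0) return 3;
    return 0;
}

/* Fork so the caller's namespaces stay untouched; returns the step code or -1. */
int try_userns_sandbox(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(enter_sandbox());
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void) { printf("sandbox setup result: %d\n", try_userns_sandbox()); return 0; }
```

A result of 1 means the environment refuses unprivileged user namespaces (for example a container runtime's seccomp profile or a sysctl restriction), which is the case where this approach is not available.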



