You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So, I know that rootless creates a new user namespace, but is there a way to share files between rootless containers and the outside system "while maintaining permissions" ? For instance, both working on a shared storage area. I know I can do chmod ugo+rwx file, but is it possible to keep the permissions across the two boundaries ? For instance, if a file is owned by root outside, root in the rootless container has rw access; if the file is owned by user 1000, then, of course, only both root and 1000 can rw the file, and so on. I'm running rootlesskit via docker - latest release of both.
The text was updated successfully, but these errors were encountered:
Yes, I understand that with rootless, we do not want a rootless container's "root" user to access the "real root" areas on the host. The situation we have is that the host Docker daemon runs as root and we're running rootless on top of this. There are other "regular" containers on the host running as root or some other users creating files that we would like our rootless containers to have access to. The shared area in question is actually a mount point where all containers are interacting -- it is not a location on the actual host system area containing host system files etc. What is the best approach for dealing with this situation ?
Hi,
So, I know that rootless creates a new user namespace, but is there a way to share files between rootless containers and the outside system "while maintaining permissions" ? For instance, both working on a shared storage area. I know I can do chmod ugo+rwx file, but is it possible to keep the permissions across the two boundaries ? For instance, if a file is owned by root outside, root in the rootless container has rw access; if the file is owned by user 1000, then, of course, only both root and 1000 can rw the file, and so on. I'm running rootlesskit via docker - latest release of both.
The text was updated successfully, but these errors were encountered: