diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-12-03 00:49:20 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-03 00:49:20 -0800 |
| commit | 9e361fd8513d74b4a1fb4e6c6dd58cc54635cf03 (patch) | |
| tree | 065cccf5641f6241da78a450bdbdee04d05c8dcb | |
| parent | 588156a9ef36c657e2b161a881d726aafa024ebb (diff) | |
| parent | 8cb1af9afc84e1cdcf39fc93f0eee75cc2ec1c74 (diff) | |
| download | podman-9e361fd8513d74b4a1fb4e6c6dd58cc54635cf03.tar.gz podman-9e361fd8513d74b4a1fb4e6c6dd58cc54635cf03.tar.bz2 podman-9e361fd8513d74b4a1fb4e6c6dd58cc54635cf03.zip | |
Merge pull request #4622 from rhatdan/rootless
Add comment on rootless containers creating device nodes
| -rw-r--r-- | rootless.md | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/rootless.md b/rootless.md index 4fb3c7deb..69de6db21 100644 --- a/rootless.md +++ b/rootless.md @@ -42,3 +42,5 @@ can easily fail * Pause and Unpause (Works with cgroup V2 support) * Issues with higher UIDs can cause builds to fail * If a build is attempting to use a UID that is not mapped into the user namespace mapping for a container, then builds will not be able to put the UID in an image. +* Making device nodes within a container fails, even when running --privileged. + * Kernel does not allow non root user processes (processes without CAP_MKNOD) to create device nodes. If container needs to create device nodes, it must be run as root. |