opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-18 03:33:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #24882 from giuseppe/keep-id-size

Browse Source 
namespaces: allow configuring keep-id userns size
This commit is contained in:
openshift-merge-bot[bot]
2025-01-08 18:29:05 +00:00
committed by GitHub
parent 0798f54e94 b0b1d19723
commit 2e1e7107b7
6 changed files with 102 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/source/markdown/options/userns.container.md
View File

@ -40,7 +40,7 @@ Podman allocates unique ranges of UIDs and GIDs from the `containers` subordinat
The option `--userns=keep-id` uses all the subuids and subgids of the user.
The option `--userns=nomap` uses all the subuids and subgids of the user except the user's own ID.
Using `--userns=auto` when starting new containers does not work as long as any containers exist that were started with `--userns=keep-id` or `--userns=nomap`.
Using `--userns=auto` when starting new containers does not work as long as any containers exist that were started with `--userns=nomap` or `--userns=keep-id` without limiting the user namespace size.
Valid `auto` options:
@ -62,6 +62,7 @@ For details see **--uidmap**.
- *uid*=UID: override the UID inside the container that is used to map the current user to.
- *gid*=GID: override the GID inside the container that is used to map the current user to.
- *size*=SIZE: override the size of the configured user namespace. It is useful to not saturate all the available IDs. Not supported when running as root.
**nomap**: creates a user namespace where the current rootless user's UID:GID are not mapped into the container. This option is not allowed for containers created by the root user.