From 4652f5c3c69ad05165439eb37be290af3d1ab884 Mon Sep 17 00:00:00 2001 From: Daniel Lazaro Date: Wed, 24 Sep 2025 18:49:56 -0400 Subject: [PATCH] docs: clarify that --userns=keep-id runs container as host UID Fixes: #24934 Signed-off-by: Daniel Lazaro --- docs/source/markdown/options/userns.container.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/source/markdown/options/userns.container.md b/docs/source/markdown/options/userns.container.md index b128546f1c..a61cda2253 100644 --- a/docs/source/markdown/options/userns.container.md +++ b/docs/source/markdown/options/userns.container.md @@ -56,6 +56,8 @@ For details see **--uidmap**. **keep-id**: creates a user namespace where the current user's UID:GID are mapped to the same values in the container. For containers created by root, the current mapping is created into a new user namespace. + In addition, the init process within the container will run under the current user's UID. This behavior overrides the image's `USER` instruction unless you explicitly set `--user`. + Valid `keep-id` options: - *uid*=UID: override the UID inside the container that is used to map the current user to.
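Review bot: The added sentence under **keep-id** says the init process runs "under the current user's UID" but says nothing about the GID, although the sentence just above it describes a UID:GID mapping. It also does not say how this interacts with the *uid*=UID option listed directly below, which changes the UID inside the container that the current user is mapped to. Suggest stating whether the group follows as well, and, if the process actually runs as the mapped in-container UID, wording it that way so the text stays correct when *uid*= is given. Since the preceding sentence treats containers created by root as a separate case, it would also help to say whether the override of the image's `USER` instruction applies there too.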