Merge pull request #4996 from baude/rootlessnetns

[CI:DOCS]rootless exec cannot join root namespace
2025-06-21 01:19:15 +08:00 · 2020-01-28 04:54:50 -08:00
parent 3b574dde6c 9de18a1704
commit b94f313fe6
1 changed files with 1 additions and 0 deletions
--- a/rootless.md
+++ b/rootless.md
@ -44,3 +44,4 @@ can easily fail
  * If a build is attempting to use a UID that is not mapped into the user namespace mapping for a container, then builds will not be able to put the UID in an image.
 * Making device nodes within a container fails, even when running --privileged.
  * The kernel does not allow non root user processes (processes without CAP_MKNOD) to create device nodes.  If a container needs to create device nodes, it must be run as root.
+* When using --net=host with rootless containers, subsequent podman execs to that container will not join the host network namespace because it is owned by root.