README: reword id mapping restrictions when unpriv

Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Christian Brauner 2017-05-29 06:02:24 +02:00
parent 486e37c80f
commit ac8f64dc73
GPG Key ID: 8EB056D53EECB12D


@ -70,10 +70,10 @@ quite restricted. Just to highlight the two most common problems:
inside of the container will not be able to boot up correctly.
2. User Namespaces: As outlined above, user namespaces are a big security
enhancement. However, users which are unprivileged on the host will only be
able to establish a mapping for their own UID if they do not rely on
privileged helpers. A standard POSIX system however, requires 65536 UIDs and
GIDs to be available to guarantee full functionality.
enhancement. However, without relying on privileged helpers users who are
unprivileged on the host are only permitted to map their own UID into
a container. A standard POSIX system however, requires 65536 UIDs and GIDs
to be available to guarantee full functionality.
## Configuration
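Review bot: the new sentence in this hunk needs a comma after "helpers" ("However, without relying on privileged helpers, users who are unprivileged on the host ..."), otherwise "helpers users" reads as one noun phrase; the retained "A standard POSIX system however, requires" also has the comma on the wrong side and should be "A standard POSIX system, however, requires". On substance, the restriction the kernel imposes on an unprivileged writer of the namespace's id maps applies to both uid_map and gid_map (only the process's own UID, and only its own GID once setgroups is denied), so "map their own UID into a container" understates the case slightly; consider "map their own UID and GID into a container" so the sentence matches the "65536 UIDs and GIDs" requirement that follows it.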