containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
podman/pkg/specgenutil
History
Giuseppe Scrivano 192ad70e98
run: ignore PODMAN_USERNS with --pod 
the combination --pod and --userns is already blocked.  Ignore the
PODMAN_USERNS variable when a pod is used, since it would cause to
create a new user namespace for the container.

Ideally a container should be able to do that, but its user namespace
must be a child of the pod user namespace, not a sibling.  Since
nested user namespaces are not allowed in the OCI runtime specs,
disallow this case, since the end result is just confusing for the
user.

Closes: https://github.com/containers/podman/issues/18580

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 		2023-05-17 16:49:16 +02:00
..
createparse.go pkg: switch to golang native error wrapping 2022-07-08 08:54:47 +02:00
ports.go pkg: switch to golang native error wrapping 2022-07-08 08:54:47 +02:00
ports_test.go Unit tests for pkg/specgenutil pkg/signal 2022-04-25 14:48:39 -05:00
specgen.go run: ignore PODMAN_USERNS with --pod 2023-05-17 16:49:16 +02:00
specgenutil_test.go The `--ulimit` option accepts the name with an `RLIMIT_` prefix both upper and lower case 2023-04-06 18:20:28 +04:00
util.go Add SQLite job to CI 2023-03-15 14:44:47 -04:00
util_test.go Unit tests for pkg/specgenutil pkg/signal 2022-04-25 14:48:39 -05:00
volumes.go Add containers.conf read-only flag support 2022-12-22 11:57:28 -05:00
volumes_test.go Run codespell on code 2022-11-04 10:57:41 -04:00