[systemd-bugs] [Bug 82075] New: RFE: systemd-nspawn: user namespaces

Sat Aug 2 17:35:48 PDT 2014

https://bugs.freedesktop.org/show_bug.cgi?id=82075

          Priority: medium
            Bug ID: 82075
          Assignee: systemd-bugs at lists.freedesktop.org
           Summary: RFE: systemd-nspawn: user namespaces
        QA Contact: systemd-bugs at lists.freedesktop.org
          Severity: enhancement
    Classification: Unclassified
                OS: All
          Reporter: net147 at gmail.com
          Hardware: All
            Status: NEW
           Version: unspecified
         Component: general
           Product: systemd

If you run the "top" command on the host system, you will see processes from
inside systemd-nspawn containers.

Suppose that the host system has UID 1001 mapped to bob and the systemd-nspawn
container has UID 1001 mapped to joe. If the system-nspawn container has a
process started by "joe", the host system will see this process as being
started by "bob".

Ideally, it would be useful to map UID/GID ranges inside the container to
non-conflicting UID/GID ranges on the host to avoid this issue.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20140803/721dfcee/attachment.html>