[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] set docker user ID

On Jan 18, 2016, at 9:34 AM, Michael V Pelletier <Michael.V.Pelletier@xxxxxxxxxxxx> wrote:

From: Matthias Schnepf <udcqn@xxxxxxxxxxxxxxx>
Date: 01/18/2016 09:27 AM

> My question is: is there an option in HTCondor to set the user ID for
> the docker container?

Your workaround may be the way to go for the moment - looks like they just added user namespaces recently and it will be available in Docker 1.10 slated for next month.



User namespaces still tend to be turned off in many distributions: itâs a pretty big security change and thereâs been a lot of road-bumps.

Ubuntu has been the most aggressive in enabling them, leading to the following root-level exploit:

While I really enjoy having them on my development desktop, I suspect itâll take a bit to see them out on clusters.  So, it might be a bit more than a month...