-
There is already `--tmpfs`, `--dev`, `--proc`, and `--mqueue` for creating mount points for commonly namespaced mount points for sandboxing.
There is also `--unshare-cgroup` which creates the cgrou…
-
Hi - I'm wondering how the following can be achieved using `bindfs`.
An important note to what follows, I have `unshare` setuid:
``` bash
$ ls -la /usr/bin/unshare
-rwsr-xr-x 1 root root 10432 Jun 1…
-
I'm a brand new to img, and am trying to set up a platform that will build docker containers on AWS Fargate, as a Jenkins agent that build docker containers, runs AWS CLI, and Serverless.
When tryi…
-
The man page states:
> By default no caps are left in the sandboxed process.
Additionally one would expect `--ro-bind` to prevent writing by the sandboxed process.
However when started by uid…
-
Despite `become_method` being mentioned in the documentation and evaluated when set, `containers.podman.podman_unshare` is unable to function with any value for `become_method` other than `sudo`, due …
-
I have this scenario:
1. I want to start new process inside new user namespace (aka rootless container).
2. `unshare` syscall allows me to map `root` user only.
3. `podman` is able to map subids …
-
### Zig Version
0.13.0
### Steps to Reproduce and Observed Behavior
1. Using the standard `zig init` boilerplate
1. Write a little program that keeps running and doesn't exit:
`src/ma…
-
**Describe the bug**
1. `Copy` function on User > Histories Shared with Me doesn't do anything (UI "blinks" once quickly, but history not copied into account)
2. `Unshare` function on same view resu…
-
```
I am interested in examples of use of the user profiles api within the new java
client library. Ideally, I would be using it with something like 2-legged
OAuth for sharing/unsharing individual …
-
```
I am interested in examples of use of the user profiles api within the new java
client library. Ideally, I would be using it with something like 2-legged
OAuth for sharing/unsharing individual …