Adjust subuid/gid range to a valid range

corneliusweig / kubernetes-lxd

A step-by-step guide to get kubernetes running inside an LXC container

295 stars 52 forks source link

Adjust subuid/gid range to a valid range #7

Closed lienharc closed 4 years ago

lienharc commented 4 years ago

Even though the container is privileged, with the current ranges of 1,000,000:1,000,000,000 the folders /proc and /sys belong to nobody which would be a sign of an unprivileged container. The problem seems to be fixed if the range starts at 100,000.

corneliusweig commented 4 years ago

Don't I know you 😉? Maybe this depends on the system, but more likely it was just wrong. So thanks for providing a fix! I only have a minor nit: could you signoff your commit? git commit --amend --signoff and git push --force-with-lease should do the trick.

lienharc commented 4 years ago

Fixed. Yes you know me :grin:

corneliusweig commented 4 years ago

Great, thanks for contributing!

thepenguinthatwants commented 4 years ago

As the

:100000:1000000000 Does the userid mean the number or the letters? My username is johnie, but the id uid is 1000 1000:100000:1000000000 looks bit weird so I am unsure

corneliusweig commented 4 years ago

@thepenguinthatwants I'm not sure I get what you mean. Do you still face a problem?