Non Root option - Githubissues

kubernetes / node-problem-detector

This is a place for various problem detectors running on the Kubernetes nodes.

Apache License 2.0

2.95k stars 627 forks source link

Non Root option #837

Closed maurolms closed 6 months ago

maurolms commented 10 months ago

Is it possible to run the Container with a Non Root user? Didn`t see any reference that explicitly defines an user on the Dockerfile, so I was wondering if we could adopt a Non Root approach execution of the container.

k8s-triage-robot commented 7 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle stale
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 6 months ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle rotten
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

wangzhen127 commented 6 months ago

NPD's goal is to detect infra layer issues. So it needs to read logs in a place where non-privileged containers do not have permission.

/close

k8s-ci-robot commented 6 months ago

@wangzhen127: Closing this issue.

In response to [this](https://github.com/kubernetes/node-problem-detector/issues/837#issuecomment-2040287329): >NPD's goal is to detect infra layer issues. So it needs to read logs in a place where non-privileged containers do not have permission. > >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

wangzhen127 commented 6 months ago

Dup of https://github.com/kubernetes/node-problem-detector/issues/698