Re: [systemd-devel] systemd-nspawn create container under unprivileged user

On Wed, 11.02.15 13:53, Djalal Harouni (tix...@opendz.org) wrote: On Tue, Feb 10, 2015 at 12:52:34PM +0100, Lennart Poettering wrote: On Thu, 05.02.15 02:03, Vasiliy Tolstov (v.tols...@selfip.ru) wrote: Hello! Does it possible to create container as regular user? Oh what capabilities

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

On Wed, Feb 11, 2015 at 05:06:56PM +0100, Lennart Poettering wrote: On Wed, 11.02.15 13:53, Djalal Harouni (tix...@opendz.org) wrote: On Tue, Feb 10, 2015 at 12:52:34PM +0100, Lennart Poettering wrote: On Thu, 05.02.15 02:03, Vasiliy Tolstov (v.tols...@selfip.ru) wrote: Hello!

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

On Tue, Feb 10, 2015 at 12:52:34PM +0100, Lennart Poettering wrote: On Thu, 05.02.15 02:03, Vasiliy Tolstov (v.tols...@selfip.ru) wrote: Hello! Does it possible to create container as regular user? Oh what capabilities i need to add to create container not using root? Invoking

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

On Thu, 05.02.15 02:03, Vasiliy Tolstov (v.tols...@selfip.ru) wrote: Hello! Does it possible to create container as regular user? Oh what capabilities i need to add to create container not using root? Invoking containers without privileges is not supported by nspawn, and this is unlikely to

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

2015-02-05 12:44 GMT+03:00 Alban Crequy alban.cre...@gmail.com: Manual page namespaces(7): Creation of new namespaces using clone(2) and unshare(2) in most cases requires the CAP_SYS_ADMIN capability. User namespaces are the exception: since Linux 3.8, no privilege is

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

On 5 February 2015 at 12:48, Vasiliy Tolstov v.tols...@selfip.ru wrote: 2015-02-05 12:44 GMT+03:00 Alban Crequy alban.cre...@gmail.com: Manual page namespaces(7): Creation of new namespaces using clone(2) and unshare(2) in most cases requires the CAP_SYS_ADMIN capability.

Re: [systemd-devel] systemd-nspawn create container under unprivileged user

[reposting - sorry I forgot to Cc the mailing list] On 4 February 2015 at 23:03, Vasiliy Tolstov v.tols...@selfip.ru wrote: Hello! Does it possible to create container as regular user? Oh what capabilities i need to add to create container not using root? Hello, Manual page namespaces(7):

[systemd-devel] systemd-nspawn create container under unprivileged user

Hello! Does it possible to create container as regular user? Oh what capabilities i need to add to create container not using root? -- Vasiliy Tolstov, e-mail: v.tols...@selfip.ru jabber: v...@selfip.ru ___ systemd-devel mailing list