On Tue, 31.05.16 16:05, Brandon Philips (bran...@ifup.co) wrote:
> Hello Everyone-
>
> The rkt container engine wants to run with different permissions pre-start
> and start. In pre-start it needs to fetch/download the container image
> which is an unprivileged operation. In start it needs admin
There could be a (potentially socket-activated) service that handles
requests for image downloads.
On Tue, May 31, 2016, 11:06 Brandon Philips wrote:
> Hello Everyone-
>
> The rkt container engine wants to run with different permissions pre-start
> and start. In pre-start it needs to fetch/downl
Hello Everyone-
The rkt container engine wants to run with different permissions pre-start
and start. In pre-start it needs to fetch/download the container image
which is an unprivileged operation. In start it needs admin level
permissions to start the container stage1 (e.g. systemd-nspawn) and mo