Le 06/04/2015 06:52 PM, Christopher Samuel a écrit : > > On 20/05/15 03:15, Kilian Cavalotti wrote: > >> One major downside to running Docker containers in a shared HPC >> cluster (to me at least), is that the default user in a container is >> root. > > One thing that has occurred to me is that the whole point of containers > is that they are using the kernel namespace features and so whilst the > user inside the container is root that is only inside their own user > namespace, that does not (should not!) correspond to root on the host > itself (there's a mapping file to determine who they are mapped to).
Docker does not uses user namespaces yet, so root inside the container is a cripled root but still root: https://github.com/docker/docker/issues/7906 Regards -- Thomas HAMEL OVH.com +33 1 49 58 45 70 [email protected] OVH GS 6bis Rue Riquet, 75019 Paris, France
