Hi again, I tried using the suggestions you guys gave but some how its still failing. On further analysis I understood that this is not actually the image which I created.
Since I'm using source2image, the github source is being mapped on to my image which has root privileges. Now my image creates a build and then a new pod is spawned up using that build. Is there some other configuration within these steps which allows me to run the pod as a root user? Or these steps have nothing to do with the user issue i'm facing? Thanks, AK On Thu, Dec 1, 2016 at 6:31 PM, Srinivas Naga Kotaru (skotaru) < [email protected]> wrote: > I was thinking belwo are right steps as per my knowledge > > > > 1. Create a service account > > 2. Grant anyuid SCC to this service account > > 3. And add sercice account details to dc object > > > > > > I might be wrong but above steps in my mind. Even I would like to get > clarity on this topic what is the right approach to run a container using > anyuid priviligies > > > > > > -- > > *Srinivas Kotaru* > > > > *From: *<[email protected]> on behalf of Ben > Parees <[email protected]> > *Date: *Thursday, December 1, 2016 at 1:37 PM > *To: *Akshaya Khare <[email protected]>, Jordan Liggitt < > [email protected]> > *Cc: *users <[email protected]> > *Subject: *Re: oc new-app with root privileges > > > > > > > > On Thu, Dec 1, 2016 at 4:18 PM, Akshaya Khare <[email protected]> > wrote: > > Hi, > > > > I created my own image which can use s2i to use git urls for my internal > projects. > > > > The image has been created such that the systemd services will be working, > and in order to do that the image had to be created with root user. > > > > Now the container spawned from this image only works properly i spawn it > with the below command: > > > > *docker run -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -d my-image-name* > > > > The container works fine. > > > > Unfortunately, whenever I try to create the container from the openshift > ui, it creates the pod successfully but it doesn't have access to run it > since it doesn't run it as a root user. > > > > I tried to provide this command: > > > > *oadm policy add-scc-to-user anyuid -z project-name* > > > > But still the pod is created without the root user. > > > > Is there any way to run the pod with root user via both cli or ui? > > > > assuming your built image defaults to running as root, the adding anyuid > scc should be all you need to do for the image to run as that user, as far > as i know. > > > > > > > > > -- > > *Thanks & Regards,* > > *Akshaya Khare* > > *312-785-3508 <312-785-3508>* > > > _______________________________________________ > users mailing list > [email protected] > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > > > > > -- > > Ben Parees | OpenShift > -- *Thanks & Regards,* *Akshaya Khare* *312-785-3508*
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
