2017-06-08 19:17 GMT+02:00 Tim Dudgeon <[email protected]>: > I'm struggling to find a full definition of the different values for the > runAsUser.Type option for Security Context Constraints. >
It should be here: https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#authorization-RunAsUser > I found mention of MustRunAsRange, RunAsAny and MustRunAsNonRoot. > > Is there an option for run as the specified user unless it is root, in > which case allocate an id from the range? > I think no, there is no such option. The behavior that you are requesting could be unexpected for many users. If someone defines that his image needs to be run under root user than he has reason for that. In most cases, it means that if OpenShift will try to run such an image under unprivileged user, container won't start or won't work. -- Slava Semushin | OpenShift
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
