Re: [PATCH 2/3] user_namespaces.7: Document pitfall with negative permis
From: Richard Weinberger
Subject: Re: [PATCH 2/3] user_namespaces.7: Document pitfall with negative permissions and user namespaces
Date: Tue, 29 Aug 2023 23:39:10 +0200 (CEST)
----- Original Message -----
> From: "Alejandro Colomar" <alx@kernel.org>
> $ unshare ‐S 0 ‐G 0 ‐‐map‐users=100000,0,65536 ‐‐map‐groups=100000,0,65536 id
> unshare: failed to execute ‐S: No such file or directory
Well, maybe your unshare tool is too old.
AFAIK it uses newuidmap only in recent versions.
You can achieve the very same also using podman in rootless mode.
e.g.
podman run -it -v /scratch:/scratch/ bash -c "cat /scratch/games/game.txt"
Thanks,
//richard