Cesar Talledo
Cesar Talledo
Hi @AlexTalker , thanks for giving Sysbox a shot and for filing this issue. I've not played around with CIFS volume mounts into Sysbox containers, but certainly shiftfs could be...
Hi @AlexTalker, thanks again for all the info provided. I was able to reproduce the problem, and it certainly appears to be caused by the interaction between shiftfs and cifs...
By the way, there is work happening at kernel level that will void the need for shiftfs in the near future. This will likely fix this issue and void the...
Hi @AlexTalker, Since Sysbox uses the Linux user-namespace for its containers, there is mapping of user-IDs going on. Assuming that at host level: * You've configured Docker with `userns-remap: "sysbox"`...
> @ctalledo If I understand correctly, does `/etc/subuid` act as "slice off" of IDs then, if you state that such math works? Correct. > If so, how does one limit...
Hi @AlexTalker, > could you please also highlight whether or not I need to change owndership in /var/lib/docker to make it work No this should not be needed, Docker takes...
Hi @iasoon, Thanks for giving Sysbox a shot. Can you post the contents of your host's `/etc/subuid` and `/etc/subgid` files?
Hi @iasoon, Thanks for sending the info. A couple of comments: 1) The sub[uid|gid] range for user `sysbox` should normally start above 65535. That way, it does not collide with...
Makes sense, thanks for filing the issue. We are also working on supporting Sysbox on K8s clusters, and I think this will also help installing Sysbox in K8s nodes.
Of the benefits listed, I think the security benefit would certainly be realizable and is the most compelling. Regarding the simplicity & flexibility benefits, these may not be realizable given...