Lachlan Donald
Lachlan Donald
Based on our Slack discussion, sounds like having a non-privileged docker-daemon might solve a lot of the concerns that you were trying to solve initially? It was intended that v3.0.0...
We are going to add back a way to turn off userns-remapping :(
We've brought back `EnableDockerUserNamespaceRemap` in #410. You can use this in https://s3.amazonaws.com/buildkite-aws-stack/master/aws-stack.json and we'll be cutting a 3.1.0 release soon.
I've re-opened this, as it's still an issue. It appears that containers with non-root users in them aren't being correctly mapped back to something that `buildkite-agent` can read on the...
Sounds like this would make for a sensible default, along with creating a [dedicated key in the cloudformation stack](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-key.html). I wonder what the behaviour of changing the KMS key associated...
Yup, on reflection, I agree.
I hate to ask, but you're using your bucket name, not `bucketname`, right @sushilvarma2?
Do you have permission to write to that bucket? Sent from my iPhone > On 8 Sep 2017, at 5:31 pm, sushilvarma2 wrote: > > yah that is right. that...
Thanks @shaneog, this is a tricky one! 🤔
> A possible workaround is to chown -R root:root ... in the --from image and then restore the ownership in the target image. From the moby issue, might that be...