On Tue, Sep 08, 2015 at 04:14:58PM +0200, Michał Zegan wrote: > Hello. > > Before you stated that containers are not a security feature right > now. It is required to manually shift uids/gids on images etc.
Yes. Also, if you uid-shift the container's root directory, using `--private-users` without specifying a uid-shift works by inspecting the uid-shift of the file-system, assuming that each container is allocated the lower 16-bits of the UID field, and the upper 16-bits being a container ID. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
