Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-3254

Support User Namespaces

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Undefined
    • None
    • None
    • Node
    • False
    • None
    • False
    • Not Selected
    • 0
    • 0% 0%

    Description

      User namespaces isolate security-related identifiers and attributes, in particular, user IDs and group IDs, the root directory, keys, and capabilities. A process's user and group IDs can be different inside and outside a user namespace. In particular, a process can have a normal unprivileged user ID outside a user namespace while at the same time having a user ID of 0 inside the namespace; in other words, the process has full privileges for operations inside the user namespace, but is unprivileged for operations outside the namespace.

       

      https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/127-user-namespaces/README.md#ga 

      Attachments

        Issue Links

          relates to

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-207 Support User Namespaces in pods

          • Critical - To be worked on immediately following BLOCKER issues.
          • In Progress
          links to

          Web Link Support for user namespaces in OpenShift Container Platform 4

          Activity

            People

              gausingh@redhat.com Gaurav Singh
              gausingh@redhat.com Gaurav Singh
              Votes:
              2 Vote for this issue
              Watchers:
              31 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: