podman system service restrict privileged containers #23848
Unanswered
notSoWiseOldMan
asked this question in
Q&A
Replies: 1 comment 1 reply
-
|
You can't we have not added any kind of "authorization service" to podman service. If you can talk to the socket, then you get access to the full API. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
I see. If it makes any difference I don't want authorization but to disallow it altogether. Similar to settings cgroups=disabled in the containers.conf will reject any podman run command with |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I am running rootful podman as a service inside of a container. That container is running as privleged. I want other users to be able to run containers on my host using the podman service but I don't want them to be able to start privileged containers. How can I configure my podman service to disallow that?
Beta Was this translation helpful? Give feedback.
All reactions