[cfarm-users] Install podman on gcc120.fsffrance.org
Segher Boessenkool
segher at kernel.crashing.org
Thu Jul 25 17:19:29 CEST 2024
On Thu, Jul 25, 2024 at 04:05:59PM +0100, Jonathan Wakely wrote:
> On Thu, 25 Jul 2024 at 15:59, Segher Boessenkool via cfarm-users
> <cfarm-users at lists.tetaneutral.net> wrote:
> >
> > On Thu, Jul 25, 2024 at 04:04:26PM +0200, Florian Weimer via cfarm-users wrote:
> > > Would be possible to install podman on gcc120.fsffrance.org
> >
> > Wow, that brings in all kinds of container and selinux stuff. But,
> > installed :-)
> >
> > > I expect it to be useful out of the box in rootless mode, and no new
> > > daemon with root privileges or special group memberships will be
> > > required.
> >
> > "Rootless mode"? For users, you mean?
>
> Docker requires a special daemon with root privs for users to run
> containers, podman doesn't. It has a "rootless mode" which allows
> unprivileged users to run containers. There are some limitations on
> what those containers can do in rootless mode, but for many use cases
> they work perfectly.
Ah yeah. We don't do such things on the cfarm (things like such
daemons), they are a security and maintenance nightmare.
Segher
More information about the cfarm-users
mailing list