|
|
|
|
|
|
by ghedo
4022 days ago
|
|
|
pflask author here (I'm a bit surprised to see it mentioned here really). To answer your question, no, you don't need to map all the users inside the container to users on the host. pflask user namespace support is quite limited right now: with the --user option you tell pflask to map the outside user that is running pflask, to the inside user specified by the option. Let's say you run something like: $ sudo pflask --user=some_user ...
Since you are running pflask as root (sudo ...), pflask will map the "root" user outside of the container to the "some_user" user inside the container.The whole point of this feature was the possibility of running pflask as non-root, so you could map a normal user on the host to the root user inside the container and still be able to call mount() (although there are several limitations), so it's only possible to map one user right now, however it shouldn't be difficult to add another option to map additional users (feel free to open a GitHub issue if you need this). |
|
|