LFD259 LAB 6.6 : what is the correct yaml to solve properly the issue at point 9?
I have a question about points 8 and 9.
8. After finding the errors, log into the container and find the proper id of the nginx user.
9. Edit the yaml and re-create the pod such that the pod runs without error.
I found that nginx id is 101 with cat /etc/password
But when I edit the "runAsUser:" id in the yaml, nginx still does not work when I put user id 101.
I put it at the pod level.
I put it also at the container level :
containers:
- name: webguy
image: nginx
securityContext:
allowPrivilegeEscalation: false
runAsUser: 101 # nginx user
The only solution I found to solve the pod's issue is to put the id of the root user (id=0) but I guess I might have missed something.
My current yaml (sorry for formatting lost)
apiVersion: v1
kind: Pod
metadata:
name: securityreview
spec:
securityContext:
runAsUser: 0
containers:
- name: webguy
image: nginx
securityContext:
runAsUser: 0
The result
root@cp:~/# kubectl get po | egrep "NAM|secur"
NAME READY STATUS RESTARTS AGE
securityreview 1/1 Running 0 3m
My question is: what is the proper yaml to solve the pod's issue?
Answers
-
Note : I did not know how to add a "spoiler" flag so I did not include any. Forgive me if I did something wrong.
If the deletion of the question is needed, please tell me. I will recreate the question in an appropriate manner if an admin deletes the current one because it violates some forum rules.0
Categories
- All Categories
- 172 LFX Mentorship
- 172 LFX Mentorship: Linux Kernel
- 740 Linux Foundation IT Professional Programs
- 371 Cloud Engineer IT Professional Program
- 166 Advanced Cloud Engineer IT Professional Program
- 71 DevOps IT Professional Program - Discontinued
- 3 DevOps & GitOps IT Professional Program
- 98 Cloud Native Developer IT Professional Program
- 38 Express Training Courses & Microlearning
- 33 Express Courses - Discussion Forum
- 5 Microlearning - Discussion Forum
- 7.6K Training Courses
- 25 LFC110 Class Forum - Discontinued
- 15 LFC131 Class Forum - DISCONTINUED
- 55 LFD102 Class Forum
- 261 LFD103 Class Forum
- 2 LFD103-JP クラス フォーラム
- 20 LFD110 Class Forum
- 2 LFD114 Class Forum
- 56 LFD121 Class Forum
- 4 LFD123 Class Forum
- 3 LFD125 Class Forum
- 4 LFD133 Class Forum
- 5 LFD134 Class Forum
- 5 LFD137 Class Forum
- 2 LFD140 Class Forum
- 67 LFD201 Class Forum
- 8 LFD210 Class Forum
- 4 LFD210-CN Class Forum
- 1 LFD213 Class Forum - Discontinued
- 2 LFD221 Class Forum
- 127 LFD232 Class Forum - Discontinued
- 2 LFD233 Class Forum - Discontinued
- 5 LFD237 Class Forum
- 25 LFD254 Class Forum
- 763 LFD259 Class Forum
- 110 LFD272 Class Forum - Discontinued
- 2 LFD272-JP クラス フォーラム - Discontinued
- 23 LFD273 Class Forum
- 675 LFS101 Class Forum
- 4 LFS111 Class Forum - Discontinued
- 2 LFS112 Class Forum - Discontinued
- 3 LFS114 Class Forum
- 5 LFS116 Class Forum
- 6 LFS118 Class Forum
- 3 LFS120 Class Forum
- 2 LFS140 Class Forum
- 13 LFS142 Class Forum
- 10 LFS144 Class Forum
- 6 LFS145 Class Forum
- 8 LFS146 Class Forum
- 8 LFS147 Class Forum
- 28 LFS148 Class Forum
- 22 LFS151 Class Forum - Discontinued
- 6 LFS157 Class Forum
- 176 LFS158 Class Forum
- 2 LFS158-JP クラス フォーラム
- 19 LFS162 Class Forum
- 1 LFS166 Class Forum - Discontinued
- 9 LFS167 Class Forum - Discontinued
- 4 LFS170 Class Forum - Discontinued
- 1 LFS171 Class Forum - Discontinued
- 3 LFS178 Class Forum - Discontinued
- 4 LFS180 Class Forum
- 3 LFS182 Class Forum
- 8 LFS183 Class Forum
- 3 LFS184 Class Forum
- 43 LFS200 Class Forum
- 736 LFS201 Class Forum - Discontinued
- 2 LFS201-JP クラス フォーラム - Discontinued
- 24 LFS203 Class Forum
- 162 LFS207 Class Forum
- 3 LFS207-DE-Klassenforum
- 4 LFS207-JP クラス フォーラム
- 301 LFS211 Class Forum - Discontinued
- 55 LFS216 Class Forum - Discontinued
- 61 LFS241 Class Forum
- 52 LFS242 Class Forum
- 42 LFS243 Class Forum
- 19 LFS244 Class Forum
- 9 LFS245 Class Forum
- 3 LFS246 Class Forum
- 2 LFS248 Class Forum
- 179 LFS250 Class Forum
- 4 LFS250-JP クラス フォーラム
- 2 LFS251 Class Forum - Discontinued
- 166 LFS253 Class Forum
- 1 LFS254 Class Forum - Discontinued
- 5 LFS255 Class Forum
- 19 LFS256 Class Forum
- 3 LFS257 Class Forum
- 1.4K LFS258 Class Forum
- 13 LFS258-JP クラス フォーラム
- 151 LFS260 Class Forum
- 165 LFS261 Class Forum
- 46 LFS262 Class Forum
- 82 LFS263 Class Forum - Discontinued
- 15 LFS264 Class Forum - Discontinued
- 11 LFS266 Class Forum - Discontinued
- 26 LFS267 Class Forum
- 28 LFS268 Class Forum
- 39 LFS269 Class Forum
- 13 LFS270 Class Forum
- 202 LFS272 Class Forum - Discontinued
- 2 LFS272-JP クラス フォーラム - Discontinued
- 1 LFS274 Class Forum - Discontinued
- 4 LFS281 Class Forum - Discontinued
- 34 LFW111 Class Forum
- 265 LFW211 Class Forum - Discontinued
- 190 LFW212 Class Forum - Discontinued
- 21 SKF100 Class Forum
- 3 SKF200 Class Forum
- 4 SKF201 Class Forum
- 790 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 90 Printers & Scanners
- 86 Storage
- 767 Linux Distributions
- 81 Debian
- 67 Fedora
- 21 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 464 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 97 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 93 Mobile Computing
- 18 Android
- 61 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 389 Off Topic
- 118 Introductions
- 181 Small Talk
- 29 Study Material
- 845 Programming and Development
- 310 Kernel Development
- 517 Software Development
- 926 Software
- 319 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 316 Installation
- 71 All In Program
- 71 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)