Commit Graph

7 Commits (21034f4234c5fdbdd7f25d3373e12bd0b950e4db)

Author SHA1 Message Date
Akihiro Suda c54f4a986d support --oci-worker-no-process-sandbox
Note that this mode allows build executor containers to kill (and potentially ptrace) an arbitrary process in the BuildKit host namespace.
This mode should be enabled only when the BuildKit is running in a container as an unprivileged user.

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-08 10:42:52 +09:00
Akihiro Suda b5003d53eb update docs
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-11-01 16:17:26 +09:00
Akihiro Suda 048130d1d0 simplify rootless
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-16 14:05:58 +09:00
Akihiro Suda eebb7428f5 rootless: update docs/rootless.md
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-04 19:27:54 +09:00
Akihiro Suda 18ac6e2d9a test.Dockerfile: new target: "rootless"
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-06-04 23:17:03 +09:00
Akihiro Suda c9c0603847 fix rootless docs
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-06-01 13:04:55 +09:00
Akihiro Suda adef0dedef oci-worker: experimental support for rootless mode
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-31 16:05:13 +09:00