On Thu, Jul 25, 2024 at 04:05:59PM +0100, Jonathan Wakely wrote: > On Thu, 25 Jul 2024 at 15:59, Segher Boessenkool via cfarm-users > <cfarm-users@lists.tetaneutral.net> wrote: > > > > On Thu, Jul 25, 2024 at 04:04:26PM +0200, Florian Weimer via cfarm-users > > wrote: > > > Would be possible to install podman on gcc120.fsffrance.org > > > > Wow, that brings in all kinds of container and selinux stuff. But, > > installed :-) > > > > > I expect it to be useful out of the box in rootless mode, and no new > > > daemon with root privileges or special group memberships will be > > > required. > > > > "Rootless mode"? For users, you mean? > > Docker requires a special daemon with root privs for users to run > containers, podman doesn't. It has a "rootless mode" which allows > unprivileged users to run containers. There are some limitations on > what those containers can do in rootless mode, but for many use cases > they work perfectly.
Ah yeah. We don't do such things on the cfarm (things like such daemons), they are a security and maintenance nightmare. Segher _______________________________________________ cfarm-users mailing list cfarm-users@lists.tetaneutral.net https://lists.tetaneutral.net/listinfo/cfarm-users
