New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to run crond command in docker container running as non-root #148
Comments
https://github.com/aptible/supercronic#why-supercronic could be of interest on the topic of "cron in containers". |
I'm interested in this too. Running "crond & httpd" entrypoint under ubi base images produces I've already tried Is it possible to get cronie working without root privileges? |
Found a workaround:
run-cron.sh content
This is for ubi based s2i image but can be adapted for other RedHat images I believe. The only caveat, crond process will run as root (which is not always safe) and you won't be able to kill it from inside the rootless image. It would still be great to somehow have a possibility to run cronie completely rootless. EDIT: I have updated a workaround with modified PAM configuration. Under RHEL cronie doesn't want to read /etc/shadow file for some reason, even though it is running as setuid=root. Or maybe this is a problem with pam_unix.so. This produces issues when running cronjobs of other users, let's say from /var/spool/cron/default user crontab.
Adding |
I am using cronie in docker container running as non root. When I run crond command it exit with error
setuid: operation not permitted
Do we have example with non-root docker container having redhat/ubi8-minimal base image.
The text was updated successfully, but these errors were encountered: