using latest s6-overlay to allow container to run as non-root #882
Comments
|
Thanks for your info. My understanding is that the high risk of changing existing ones due to not being able to check Rstudio Server behavior with CI is preventing s6-overlay updates. |
|
Thanks @eitsupi for getting back to me - is there any way to avoid using s6 completely? I.e. still benefit from the set up scripts, but skip the s6 parts so the container can start as any user? |
|
Perhaps the following process will allow you to run in single-user mode. In short, |
Container image name
rocker/rstudio:4.4.2
Container image digest
No response
What operating system related to this question?
Linux
System information
No response
Question
First of all, thank you for all the excellent work that has gone into making and maintaining this library of images!
I've been struggling to get them working in kubernetes without modification; this is primarily due to the restriction of no privilege escalation, but the containers run s6 which needs root on startup. However, the most recent version of s6 seems to go in the direction of partially addressing this - I'm wondering if anyone has tried this out with any success? I've not been able to get a working image with this new version of s6, but am willing to continue trying if it seems that it might yield a working solution.
The text was updated successfully, but these errors were encountered: