podman --uidmap
The "--uidmap" option in Podman maps user IDs between the host system and the container's user namespace (group IDs are mapped separately with "--gidmap"). It allows you to define custom ID mappings, providing better security and isolation for the container.
The syntax for the "--uidmap" option is as follows:
podman run --uidmap=<container_user>:<host_user>:<count>
Here:
<container_user>: The first user ID of the range as the container will see it.
<host_user>: The first user ID of the range on the host system.
<count>: The number of consecutive user IDs to map.
For example, if you want to map the user ID 1000 from the host system to the user ID 5000 in the container, you can use the following command:
podman run --uidmap=5000:1000:1 <image>
This will ensure that any processes running inside the container will see the user ID 5000 as their own, providing better isolation and security.
Note that the "--uidmap" option can also be used with the "--gidmap" option to map group IDs in a similar way.
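The following added example (not part of the original page and not Podman's own code) resolves a container user ID to its host user ID from a set of "--uidmap" values and flags mappings worth reviewing before use. It assumes rootful Podman, where the second field is the host user ID directly, and the three-field form shown above; the names UidMap, parse_uidmap, to_host_uid and audit are hypothetical.

```python
from typing import List, NamedTuple, Optional


class UidMap(NamedTuple):
    container_start: int  # first UID as seen inside the container
    host_start: int       # first UID on the host (assumption: rootful Podman)
    count: int            # number of consecutive UIDs in the range


def parse_uidmap(spec: str) -> UidMap:
    """Parse one container_uid:host_uid:count triple as passed to --uidmap."""
    parts = spec.split(":")
    if len(parts) != 3:
        raise ValueError(f"expected container_uid:host_uid:count, got {spec!r}")
    container, host, count = (int(p) for p in parts)
    if container < 0 or host < 0 or count < 1:
        raise ValueError(f"invalid range in {spec!r}")
    return UidMap(container, host, count)


def to_host_uid(maps: List[UidMap], container_uid: int) -> Optional[int]:
    """Return the host UID behind a container UID, or None if it is unmapped."""
    for m in maps:
        if m.container_start <= container_uid < m.container_start + m.count:
            return m.host_start + (container_uid - m.container_start)
    return None


def audit(specs: List[str]) -> List[str]:
    """Return review findings for a list of --uidmap values."""
    maps = sorted(parse_uidmap(s) for s in specs)  # ordered by container_start
    findings = []
    for a, b in zip(maps, maps[1:]):
        if b.container_start < a.container_start + a.count:
            findings.append(f"container ranges overlap at UID {b.container_start}")
    root = to_host_uid(maps, 0)
    if root is None:
        findings.append("container UID 0 is unmapped")
    elif root == 0:
        findings.append("container UID 0 maps to host UID 0")
    return findings


if __name__ == "__main__":
    # Constructed sample values, including the mapping from the example above.
    for specs in (["5000:1000:1"], ["0:100000:65536"], ["0:0:1"]):
        print(specs, "->", audit(specs) or "no findings")
```

With the single-ID mapping from the example above, container UID 0 has no host counterpart, so a process that expects to start as root inside the container has no valid identity.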
Original source: http://www.cveoy.top/t/topic/iue7 Copyright belongs to the author. Do not repost or scrape!