[Bug 2813] sshd fails to start in user namespaces when the gid for tty is not mapped
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Dec 19 18:31:02 AEDT 2017
https://bugzilla.mindrot.org/show_bug.cgi?id=2813
--- Comment #2 from Oliver Freyermuth <o.freyermuth at googlemail.com> ---
That's not possible.
See:
http://man7.org/linux/man-pages/man7/user_namespaces.7.html
In short, as already mentioned, in a user-namespace, one can only map
his / her own effective uid / gid from outside the namespace to a
single uid / gid paid inside the namespace.
Mapping of other uids / gids required privileges (CAP_SETUID /
CAP_SETGID) in the parent namespace, which users do not have.
So there is nothing to configure, sadly.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list