-
Notifications
You must be signed in to change notification settings - Fork 77
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cap-add=NET_ADMIN on aws ecs #6
Comments
I forget what was failing. Can you try and see? It might have been the binding of ports < 1024 per http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2014q2/008540.html. |
I used --privileged flag and it's working, but i don't think that's a good idea from the security perspective? |
Security is different for everyone. I can't really comment on that specifically. But understanding why we need to use |
FAQ on dnsmasq says that
|
Unfortunately, I don't have a good answer. I don't use this image anymore and don't have good understanding of the Linux capabilities. I tired to narrow down the capabilities when I originally used it so that it didn't require If you or anyone else find otherwise, feel free to open a pull request to modify the README accordingly. |
I will probably run it in |
For anyone else ending up here when trying to get dnsmasq running in ECS: Per https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514214#10 You can use |
Resolves 4km3#6
@borgstrom, while I didn't generally agree with #11, it could make sense to mention this in the README. I'm going to close this issue as the original one is more specific to AWS. But I'd be happy to accept a pull request to add something to the README mentioning adding |
Update README.md
Is there a workaround for --cap-add=NET_ADMIN, because aws ecs agent doesn't support --cap-add?
The text was updated successfully, but these errors were encountered: