You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've discovered that UID 0 / GID 0 is being mapped to 65534 on a local system in a server spawned with portwrap. This was flagged when a user attempted to use git/ssh from this jupyter server, and ssh complained that a file in /etc/ssh/ssh_config.d/ had the wrong permissions. They are 65534:65534 within the user namespace and 0:0 on the host. I suspect this is happening because of how subuid/subgid are configured on the system, but I need to test.
The text was updated successfully, but these errors were encountered:
Actually, it looks like this is due to how bubblewrap initializes the namespace, to not map root-to-root. There may be other code paths to take if bubblewrap were setuid, but I'm not sure what all the pros and cons to that are.
I've discovered that UID 0 / GID 0 is being mapped to 65534 on a local system in a server spawned with portwrap. This was flagged when a user attempted to use git/ssh from this jupyter server, and ssh complained that a file in /etc/ssh/ssh_config.d/ had the wrong permissions. They are 65534:65534 within the user namespace and 0:0 on the host. I suspect this is happening because of how subuid/subgid are configured on the system, but I need to test.
The text was updated successfully, but these errors were encountered: