Created
April 7, 2022 14:16
-
-
Save jondkelley/3e06f649c3f0c3fdfedbaa6281bf9c87 to your computer and use it in GitHub Desktop.
busy box non root
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# 1) Deploy the pod | |
# | |
# kubectl create -f busybox-non-root.yaml | |
# | |
# 2) Access the shell | |
# | |
# kubectl exec -ti busybox-1000 -- sh | |
# | |
# 3) from the shell run: | |
# | |
# id -u `whoami` | |
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: busybox-1000 | |
spec: | |
containers: | |
- name: busybox-1000 | |
image: busybox | |
command: | |
- 'sleep' | |
- '1000' | |
securityContext: | |
runAsUser: 1000 | |
#redundant as 1000 is not root but good to have | |
#as the runtime will do verification that no process will | |
#run as root within the container | |
runAsNonRoot: true | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment