Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Which Linux capabilities are required to properly function? #284

Open
juniorz opened this issue Sep 29, 2022 · 1 comment
Open

Which Linux capabilities are required to properly function? #284

juniorz opened this issue Sep 29, 2022 · 1 comment

Comments

@juniorz
Copy link

juniorz commented Sep 29, 2022
edited

It would be great to have documented in the README which Linux capabilities are required by dumb-init in order to function properly.

We often see tools in the Kubernetes ecosystem being obsessed with dropping all capabilities via

securityContext:
  capabilities:
    drop:
    - ALL

and then operators learn the container uses dumb-init as PID1 when they notice the termination of pods is broken because dumb-init is unable to terminate all children processes.
@asottile
Copy link
Contributor

can you provide more information and/or determine this yourself and send a patch? it's unclear what error you're trying to solve and if you included your error message then others can find it as well

oddly enough I haven't had issues with dumb-init and zero capabilities so it's possible you're running into some other problem?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@juniorz @asottile