新版本中加的特性,启动容器时候直接传--security-opt seccomp=unconfined即可绕过,详情可以参考:https://docs.docker.com/engine/security/seccomp/
bash
docker run --rm -it --security-opt seccomp=unconfined debian:jessie \
unshare --map-root-user --user sh -c whoami
新版本中加的特性,启动容器时候直接传--security-opt seccomp=unconfined即可绕过,详情可以参考:https://docs.docker.com/engine/security/seccomp/
bash
docker run --rm -it --security-opt seccomp=unconfined debian:jessie \
unshare --map-root-user --user sh -c whoami
From here you can search these documents. Enter your search terms below.
| Keys | Action |
|---|---|
| ? | Open this help |
| n | Next page |
| p | Previous page |
| s | Search |