両方とも前のリビジョン 前のリビジョン 次のリビジョン | 前のリビジョン 次のリビジョン両方とも次のリビジョン |
linux:podman [2024/03/19 06:37] – [newuidmap: open of uid_map failed: Permission denied] ともやん | linux:podman [2024/04/11 09:01] – [レシピ] ともやん |
---|
<font color="#A2734C">mysql-1 | </font>2024-03-12 5:45:20 0 [Note] mysqld: ready for connections. | <font color="#A2734C">mysql-1 | </font>2024-03-12 5:45:20 0 [Note] mysqld: ready for connections. |
<font color="#A2734C">mysql-1 | </font>Version: '10.5.9-MariaDB-1:10.5.9+maria~focal' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution | <font color="#A2734C">mysql-1 | </font>Version: '10.5.9-MariaDB-1:10.5.9+maria~focal' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution |
| </pre></html></WRAP> |
| </WRAP> |
| |
| ==== compose provider ==== |
| podman compose は、docker-compose や podman-compose などの外部作成プロバイダーの薄いラッパーです。\\ |
| 公式: [[https://docs.podman.io/en/stable/markdown/podman-compose.1.html|podman-compose — Podman documentation]] [[gtr>https://docs.podman.io/en/stable/markdown/podman-compose.1.html|翻訳]] より\\ |
| |
| podman は compose provider 探して処理を引き渡す🤔\\ |
| 見つからない場合はエラーになるので、docker-compose、podman-compose をインストールする必要がある。\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">podman</font> <font color="#A347BA">--log-level=debug</font> compose version |
| </pre></html></WRAP> |
| <WRAP color_result_hlong><html><pre> |
| <font color="#2AA1B3">INFO</font>[0000] podman filtering at log level debug |
| <font color="#D0CFCC">DEBU</font>[0000] Called compose.PersistentPreRunE(podman --log-level=debug compose version) |
| <font color="#D0CFCC">DEBU</font>[0000] Using conmon: "/usr/bin/conmon" |
| <font color="#2AA1B3">INFO</font>[0000] Using sqlite as database backend |
| <font color="#D0CFCC">DEBU</font>[0000] Using graph driver overlay |
| <font color="#D0CFCC">DEBU</font>[0000] Using graph root /home/tomoyan/.local/share/containers/storage |
| <font color="#D0CFCC">DEBU</font>[0000] Using run root /run/user/1000/containers |
| <font color="#D0CFCC">DEBU</font>[0000] Using static dir /home/tomoyan/.local/share/containers/storage/libpod |
| <font color="#D0CFCC">DEBU</font>[0000] Using tmp dir /run/user/1000/libpod/tmp |
| <font color="#D0CFCC">DEBU</font>[0000] Using volume path /home/tomoyan/.local/share/containers/storage/volumes |
| <font color="#D0CFCC">DEBU</font>[0000] Using transient store: false |
| <font color="#D0CFCC">DEBU</font>[0000] Not configuring container store |
| <font color="#D0CFCC">DEBU</font>[0000] Initializing event backend journald |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime crun-wasm initialization failed: no valid executable found for OCI runtime crun-wasm: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime runc initialization failed: no valid executable found for OCI runtime runc: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument |
| <font color="#D0CFCC">DEBU</font>[0000] Using OCI runtime "/usr/bin/crun" |
| <font color="#2AA1B3">INFO</font>[0000] Setting parallel job count to 25 |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "docker-compose": exec: "docker-compose": executable file not found in $PATH |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "$HOME/.docker/cli-plugins/docker-compose": exec: "/home/tomoyan/.docker/cli-plugins/docker-compose": stat /home/tomoyan/.docker/cli-plugins/docker-compose: no such file or directory |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "/usr/local/lib/docker/cli-plugins/docker-compose": exec: "/usr/local/lib/docker/cli-plugins/docker-compose": stat /usr/local/lib/docker/cli-plugins/docker-compose: no such file or directory |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "/usr/local/libexec/docker/cli-plugins/docker-compose": exec: "/usr/local/libexec/docker/cli-plugins/docker-compose": stat /usr/local/libexec/docker/cli-plugins/docker-compose: no such file or directory |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "/usr/lib/docker/cli-plugins/docker-compose": exec: "/usr/lib/docker/cli-plugins/docker-compose": stat /usr/lib/docker/cli-plugins/docker-compose: no such file or directory |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "/usr/libexec/docker/cli-plugins/docker-compose": exec: "/usr/libexec/docker/cli-plugins/docker-compose": stat /usr/libexec/docker/cli-plugins/docker-compose: no such file or directory |
| <font color="#D0CFCC">DEBU</font>[0000] Error looking up compose provider "podman-compose": exec: "podman-compose": executable file not found in $PATH |
| Error: looking up compose provider failed |
| 7 errors occurred: |
| * exec: "docker-compose": executable file not found in $PATH |
| * exec: "/home/tomoyan/.docker/cli-plugins/docker-compose": stat /home/tomoyan/.docker/cli-plugins/docker-compose: no such file or directory |
| * exec: "/usr/local/lib/docker/cli-plugins/docker-compose": stat /usr/local/lib/docker/cli-plugins/docker-compose: no such file or directory |
| * exec: "/usr/local/libexec/docker/cli-plugins/docker-compose": stat /usr/local/libexec/docker/cli-plugins/docker-compose: no such file or directory |
| * exec: "/usr/lib/docker/cli-plugins/docker-compose": stat /usr/lib/docker/cli-plugins/docker-compose: no such file or directory |
| * exec: "/usr/libexec/docker/cli-plugins/docker-compose": stat /usr/libexec/docker/cli-plugins/docker-compose: no such file or directory |
| * exec: "podman-compose": executable file not found in $PATH |
| <font color="#D0CFCC">DEBU</font>[0000] Shutting down engines |
| </pre></html></WRAP> |
| </WRAP> |
| ソースコード: [[git>containers/podman/blob/e64d81481dd0669b60cb2fc94fed9f147e90a102/cmd/podman/compose.go#L73|podman/cmd/podman/compose.go at e64d81481dd0669b60cb2fc94fed9f147e90a102 · containers/podman]]\\ |
| |
| Python の podman-compose をインストールする場合🤔\\ |
| 公式: [[git>containers/podman-compose|containers/podman-compose: a script to run docker-compose.yml using podman]]\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">pip</font> install <font color="#A347BA">--user</font> podman-compose |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre> |
| Collecting podman-compose |
| Obtaining dependency information for podman-compose from https://files.pythonhosted.org/packages/c0/99/0f3be1e471dc6a2b6feff25fc0a9e8d973b5190f227766fe9a2eb95e6d0a/podman_compose-1.0.6-py2.py3-none-any.whl.metadata |
| Using cached podman_compose-1.0.6-py2.py3-none-any.whl.metadata (5.4 kB) |
| Requirement already satisfied: pyyaml in /usr/lib64/python3.12/site-packages (from podman-compose) (6.0.1) |
| Requirement already satisfied: python-dotenv in ./.local/lib/python3.12/site-packages (from podman-compose) (1.0.1) |
| Using cached podman_compose-1.0.6-py2.py3-none-any.whl (34 kB) |
| Installing collected packages: podman-compose |
| Successfully installed podman-compose-1.0.6 |
| </pre></html></WRAP> |
| </WRAP> |
| |
| podman は Python の podman-compose を利用するようになる🤔\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269">podman</font> compose version |
| </pre></html></WRAP> |
| <WRAP color_result><html><pre><u style="text-decoration-style:single">>>>> Executing external compose provider "/home/tomoyan/.local/bin/podman-compose". Please refer to the documentation for details. <<<<</u> |
| |
| podman-compose version: 1.0.6 |
| ['podman', '--version', ''] |
| using podman version: 4.9.3 |
| podman-compose version 1.0.6 |
| podman --version |
| podman version 4.9.3 |
| exit code: 0 |
</pre></html></WRAP> | </pre></html></WRAP> |
</WRAP> | </WRAP> |
==== その他 ==== | ==== その他 ==== |
[[python:manylinux|manylinux]]\\ | [[python:manylinux|manylinux]]\\ |
| [[.:podman:fedora_ubi_micro|Fedora 版の UBI Micro を独自に作る方法 (非公式😅)]]\\ |
| |
==== 技術情報 ==== | ==== 技術情報 ==== |
| |
[[https://wiki.almalinux.org/containers/docker-images.html#almalinux-docker-images-variants|AlmaLinux OS Docker Images | AlmaLinux Wiki]]\\ | [[https://wiki.almalinux.org/containers/docker-images.html#almalinux-docker-images-variants|AlmaLinux OS Docker Images | AlmaLinux Wiki]]\\ |
| |
| === カスタムレジストリの追加 === |
| 公式: [[https://podman-desktop.io/docs/containers/registries|Registries | Podman Desktop]]\\ |
| <WRAP color_term> |
| <WRAP color_command><html><pre> |
| <font color="#FF8700"><b>$</b></font> <font color="#26A269"><u style="text-decoration-style:single">sudo</u></font> <font color="#26A269">bat</font> <font color="#A347BA">-n</font> <font color="#A347BA">--paging=never</font> <font color="#A347BA">-l</font> cfg <u style="text-decoration-style:single">/etc/containers/registries.conf</u> |
| </pre></html></WRAP> |
| <WRAP color_result_long><html><pre class=Bat> |
| <font color="#444444"> 1</font> <font color="#75715E"># For more information on this configuration file, see containers-registries.conf(5).</font> |
| <font color="#444444"> 2</font> <font color="#75715E">#</font> |
| <font color="#444444"> 3</font> <font color="#75715E"># NOTE: RISK OF USING UNQUALIFIED IMAGE NAMES</font> |
| <font color="#444444"> 4</font> <font color="#75715E"># We recommend always using fully qualified image names including the registry</font> |
| <font color="#444444"> 5</font> <font color="#75715E"># server (full dns name), namespace, image name, and tag</font> |
| <font color="#444444"> 6</font> <font color="#75715E"># (e.g., registry.redhat.io/ubi8/ubi:latest). Pulling by digest (i.e.,</font> |
| <font color="#444444"> 7</font> <font color="#75715E"># quay.io/repository/name@digest) further eliminates the ambiguity of tags.</font> |
| <font color="#444444"> 8</font> <font color="#75715E"># When using short names, there is always an inherent risk that the image being</font> |
| <font color="#444444"> 9</font> <font color="#75715E"># pulled could be spoofed. For example, a user wants to pull an image named</font> |
| <font color="#444444"> 10</font> <font color="#75715E"># `foobar` from a registry and expects it to come from myregistry.com. If</font> |
| <font color="#444444"> 11</font> <font color="#75715E"># myregistry.com is not first in the search list, an attacker could place a</font> |
| <font color="#444444"> 12</font> <font color="#75715E"># different `foobar` image at a registry earlier in the search list. The user</font> |
| <font color="#444444"> 13</font> <font color="#75715E"># would accidentally pull and run the attacker's image and code rather than the</font> |
| <font color="#444444"> 14</font> <font color="#75715E"># intended content. We recommend only adding registries which are completely</font> |
| <font color="#444444"> 15</font> <font color="#75715E"># trusted (i.e., registries which don't allow unknown or anonymous users to</font> |
| <font color="#444444"> 16</font> <font color="#75715E"># create accounts with arbitrary names). This will prevent an image from being</font> |
| <font color="#444444"> 17</font> <font color="#75715E"># spoofed, squatted or otherwise made insecure. If it is necessary to use one</font> |
| <font color="#444444"> 18</font> <font color="#75715E"># of these registries, it should be added at the end of the list.</font> |
| <font color="#444444"> 19</font> <font color="#75715E">#</font> |
| <font color="#444444"> 20</font> <font color="#75715E"># # An array of host[:port] registries to try when pulling an unqualified image, in order.</font> |
| <font color="#444444"> 21</font> <font color="#F92672">unqualified-search-registries</font><font color="#F8F8F2"> = </font><font color="#E6DB74">["registry.fedoraproject.org", "registry.access.redhat.com", "docker.io",</font> |
| <font color="#444444"> </font> <font color="#E6DB74"> "quay.io"]</font> |
| <font color="#444444"> 22</font> <font color="#75715E">#</font> |
| <font color="#444444"> 23</font> <font color="#75715E"># [[registry]]</font> |
| <font color="#444444"> 24</font> <font color="#75715E"># # The "prefix" field is used to choose the relevant [[registry]] TOML table;</font> |
| <font color="#444444"> 25</font> <font color="#75715E"># # (only) the TOML table with the longest match for the input image name</font> |
| <font color="#444444"> 26</font> <font color="#75715E"># # (taking into account namespace/repo/tag/digest separators) is used.</font> |
| <font color="#444444"> 27</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 28</font> <font color="#75715E"># # The prefix can also be of the form: *.example.com for wildcard subdomain</font> |
| <font color="#444444"> 29</font> <font color="#75715E"># # matching.</font> |
| <font color="#444444"> 30</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 31</font> <font color="#75715E"># # If the prefix field is missing, it defaults to be the same as the "location" field.</font> |
| <font color="#444444"> 32</font> <font color="#75715E"># prefix = "example.com/foo"</font> |
| <font color="#444444"> 33</font> <font color="#75715E">#</font> |
| <font color="#444444"> 34</font> <font color="#75715E"># # If true, unencrypted HTTP as well as TLS connections with untrusted</font> |
| <font color="#444444"> 35</font> <font color="#75715E"># # certificates are allowed.</font> |
| <font color="#444444"> 36</font> <font color="#75715E"># insecure = false</font> |
| <font color="#444444"> 37</font> <font color="#75715E">#</font> |
| <font color="#444444"> 38</font> <font color="#75715E"># # If true, pulling images with matching names is forbidden.</font> |
| <font color="#444444"> 39</font> <font color="#75715E"># blocked = false</font> |
| <font color="#444444"> 40</font> <font color="#75715E">#</font> |
| <font color="#444444"> 41</font> <font color="#75715E"># # The physical location of the "prefix"-rooted namespace.</font> |
| <font color="#444444"> 42</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 43</font> <font color="#75715E"># # By default, this is equal to "prefix" (in which case "prefix" can be omitted</font> |
| <font color="#444444"> 44</font> <font color="#75715E"># # and the [[registry]] TOML table can only specify "location").</font> |
| <font color="#444444"> 45</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 46</font> <font color="#75715E"># # Example: Given</font> |
| <font color="#444444"> 47</font> <font color="#75715E"># # prefix = "example.com/foo"</font> |
| <font color="#444444"> 48</font> <font color="#75715E"># # location = "internal-registry-for-example.com/bar"</font> |
| <font color="#444444"> 49</font> <font color="#75715E"># # requests for the image example.com/foo/myimage:latest will actually work with the</font> |
| <font color="#444444"> 50</font> <font color="#75715E"># # internal-registry-for-example.com/bar/myimage:latest image.</font> |
| <font color="#444444"> 51</font> <font color="#75715E">#</font> |
| <font color="#444444"> 52</font> <font color="#75715E"># # The location can be empty if prefix is in a</font> |
| <font color="#444444"> 53</font> <font color="#75715E"># # wildcarded format: "*.example.com". In this case, the input reference will</font> |
| <font color="#444444"> 54</font> <font color="#75715E"># # be used as-is without any rewrite.</font> |
| <font color="#444444"> 55</font> <font color="#75715E"># location = internal-registry-for-example.com/bar"</font> |
| <font color="#444444"> 56</font> <font color="#75715E">#</font> |
| <font color="#444444"> 57</font> <font color="#75715E"># # (Possibly-partial) mirrors for the "prefix"-rooted namespace.</font> |
| <font color="#444444"> 58</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 59</font> <font color="#75715E"># # The mirrors are attempted in the specified order; the first one that can be</font> |
| <font color="#444444"> 60</font> <font color="#75715E"># # contacted and contains the image will be used (and if none of the mirrors contains the image,</font> |
| <font color="#444444"> 61</font> <font color="#75715E"># # the primary location specified by the "registry.location" field, or using the unmodified</font> |
| <font color="#444444"> 62</font> <font color="#75715E"># # user-specified reference, is tried last).</font> |
| <font color="#444444"> 63</font> <font color="#75715E"># #</font> |
| <font color="#444444"> 64</font> <font color="#75715E"># # Each TOML table in the "mirror" array can contain the following fields, with the same semantics</font> |
| <font color="#444444"> 65</font> <font color="#75715E"># # as if specified in the [[registry]] TOML table directly:</font> |
| <font color="#444444"> 66</font> <font color="#75715E"># # - location</font> |
| <font color="#444444"> 67</font> <font color="#75715E"># # - insecure</font> |
| <font color="#444444"> 68</font> <font color="#75715E"># [[registry.mirror]]</font> |
| <font color="#444444"> 69</font> <font color="#75715E"># location = "example-mirror-0.local/mirror-for-foo"</font> |
| <font color="#444444"> 70</font> <font color="#75715E"># [[registry.mirror]]</font> |
| <font color="#444444"> 71</font> <font color="#75715E"># location = "example-mirror-1.local/mirrors/foo"</font> |
| <font color="#444444"> 72</font> <font color="#75715E"># insecure = true</font> |
| <font color="#444444"> 73</font> <font color="#75715E"># # Given the above, a pull of example.com/foo/image:latest will try:</font> |
| <font color="#444444"> 74</font> <font color="#75715E"># # 1. example-mirror-0.local/mirror-for-foo/image:latest</font> |
| <font color="#444444"> 75</font> <font color="#75715E"># # 2. example-mirror-1.local/mirrors/foo/image:latest</font> |
| <font color="#444444"> 76</font> <font color="#75715E"># # 3. internal-registry-for-example.com/bar/image:latest</font> |
| <font color="#444444"> 77</font> <font color="#75715E"># # in order, and use the first one that exists.</font> |
| <font color="#444444"> 78</font> |
| <font color="#444444"> 79</font> <font color="#F92672">short-name-mode</font><font color="#F8F8F2">="</font><font color="#E6DB74">enforcing</font><font color="#F8F8F2">"</font> |
| </pre></html></WRAP> |
| </WRAP> |
| |
===== Buildah を使ってより無駄のない小さなコンテナを作る🤔 ===== | ===== Buildah を使ってより無駄のない小さなコンテナを作る🤔 ===== |
| 公式: [[https://buildah.io/|Buildah | buildah.io]] [[gtr>https://buildah.io/|翻訳]]\\ |
| ソースコード: [[https://github.com/containers/buildah|containers/buildah: A tool that facilitates building OCI images.]]\\ |
| |
<WRAP round tip 90%> | <WRAP round tip 90%> |
[[https://opensource.com/article/18/6/getting-started-buildah|Getting started with Buildah | Opensource.com]] [[gtr>https://opensource.com/article/18/6/getting-started-buildah|翻訳]] より\\ | [[https://opensource.com/article/18/6/getting-started-buildah|Getting started with Buildah | Opensource.com]] [[gtr>https://opensource.com/article/18/6/getting-started-buildah|翻訳]] より\\ |
</panel> | </panel> |
</accordion> | </accordion> |
| |
| ===== Overlay Filesystem ===== |
| 公式: [[https://docs.kernel.org/filesystems/overlayfs.html|Overlay Filesystem — The Linux Kernel documentation]] [[gtr>https://docs.kernel.org/filesystems/overlayfs.html|翻訳]]\\ |
| |
===== レシピ ===== | ===== レシピ ===== |
[[.:podman:openlitespeed|OpenLiteSpeed (Podman)]]\\ | [[.:podman:openlitespeed|OpenLiteSpeed (Podman)]]\\ |
| [[.:podman:simple-container-registry|podman ローカル プライベート レジストリの構築]]\\ |
| [[.:podman:kali_linux|Kali Linux (Podman)]]\\ |
| |
===== トラブルシューティング ===== | ===== トラブルシューティング ===== |
[[git>containers/podman/blob/main/rootless.md|podman/rootless.md at main · containers/podman]] [[gtr>https://github.com/containers/podman/blob/main/rootless.md|翻訳]]\\ | [[git>containers/podman/blob/main/rootless.md|podman/rootless.md at main · containers/podman]] [[gtr>https://github.com/containers/podman/blob/main/rootless.md|翻訳]]\\ |
| |
==== newuidmap: open of uid_map failed: Permission denied エラーが発生する ==== | ==== newuidmap: open of uid_map failed: Permission denied エラーが発生する🤪 ==== |
<WRAP color_term> | <WRAP color_term> |
<WRAP color_command><html><pre> | <WRAP color_command><html><pre> |
</WRAP> | </WRAP> |
| |
動いた😅一時的なものかもしれないが原因不明😇\\ | 動いた😅一時的なものかもしれないが原因不明だが <html><code>strace podman</code></html> すると治る😇\\ |
<WRAP color_term> | <WRAP color_term> |
<WRAP color_command><html><pre> | <WRAP color_command><html><pre> |
[[https://access.redhat.com/ja/articles/5632841|Universal Base Images (UBI): イメージ、リポジトリー、パッケージ、およびソースコード - Red Hat Customer Portal]]\\ | [[https://access.redhat.com/ja/articles/5632841|Universal Base Images (UBI): イメージ、リポジトリー、パッケージ、およびソースコード - Red Hat Customer Portal]]\\ |
[[https://bugzilla.redhat.com/show_bug.cgi?id=2039261|2039261 – dnf --installroot ignores gpg keys in installroot path and requires them to be present in the default path]]\\ | [[https://bugzilla.redhat.com/show_bug.cgi?id=2039261|2039261 – dnf --installroot ignores gpg keys in installroot path and requires them to be present in the default path]]\\ |
| [[https://rheb.hatenablog.com/entry/ubi-micro|【UBI】Red Hatの新しい最軽量コンテナーイメージ:UBI Microの紹介 - 赤帽エンジニアブログ]]\\ |
| |
[[https://superuser.com/questions/688733/start-a-systemd-service-inside-chroot-from-a-non-systemd-based-rootfs|unix - Start a systemd service inside chroot from a non systemd based rootfs - Super User]] [[gtr>https://superuser.com/questions/688733/start-a-systemd-service-inside-chroot-from-a-non-systemd-based-rootfs|翻訳]]\\ | [[https://superuser.com/questions/688733/start-a-systemd-service-inside-chroot-from-a-non-systemd-based-rootfs|unix - Start a systemd service inside chroot from a non systemd based rootfs - Super User]] [[gtr>https://superuser.com/questions/688733/start-a-systemd-service-inside-chroot-from-a-non-systemd-based-rootfs|翻訳]]\\ |
[[git>containers/podman/issues/3212|rootless: allow binding privileged ports with CAP_NET_BIND_SERVICE file cap · Issue #3212 · containers/podman]] [[gtr>https://github.com/containers/podman/issues/3212|翻訳]]\\ | [[git>containers/podman/issues/3212|rootless: allow binding privileged ports with CAP_NET_BIND_SERVICE file cap · Issue #3212 · containers/podman]] [[gtr>https://github.com/containers/podman/issues/3212|翻訳]]\\ |
[[so>questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux|Is there a way for non-root processes to bind to "privileged" ports on Linux? - Stack Overflow]]\\ | [[so>questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux|Is there a way for non-root processes to bind to "privileged" ports on Linux? - Stack Overflow]]\\ |
| |
| [[https://www.redhat.com/sysadmin/speeding-container-buildah|Speeding up container image builds with Buildah | Enable Sysadmin]]\\ |
| |
==== 付録 ==== | ==== 付録 ==== |