https://bugzilla.redhat.com/show_bug.cgi?id=1169966 Iago López <iago@xxxxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |iago@xxxxxxxxxxxx --- Comment #29 from Iago López <iago@xxxxxxxxxxxx> --- I just wanna mention that, as discussed in https://github.com/coreos/rocket/issues/43, fetching and running images should not be restricted to the superuser. To allow that, a "rocket" group should be created and permissions in /var/lib/rkt/ should be set accordingly. That is: drwxrwxr-x 4 root rocket 4.0K Jan 9 10:37 cas/ drwxrwx--- 4 root rocket 4.0K Jan 9 10:56 containers/ drwxrwxr-x 2 root rocket 4.0K Jan 9 10:56 tmp/ Then, any user belonging to "rocket" can fetch images and read them (running is not possible since systemd-nspawn requires root). I think distribution packages are a good place for setting these. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review