1563744 – [DOCS] Include disclaimer about images running as root not being allowed

Bug 1563744 - [DOCS] Include disclaimer about images running as root not being allowed

Summary: [DOCS] Include disclaimer about images running as root not being allowed

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Online
Classification:	Red Hat
Component:	Documentation
Sub Component:
Version:	3.x
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Ashley Hardin
QA Contact:	Dongbo Yan
Docs Contact:	Vikram Goyal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-04-04 15:12 UTC by Will Gordon
Modified:	2018-05-17 12:35 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-05-17 12:35:41 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Will Gordon 2018-04-04 15:12:51 UTC

Document URL: 
https://docs.openshift.com/online/dev_guide/application_lifecycle/new_app.html#specifying-an-image
https://docs.openshift.com/online/using_images/docker_images/index.html

I believe this information should be included on both of the above URLs.

Something to the affect of

"OpenShift Online runs containers using an arbitrarily assigned user ID. This provides additional security against processes escaping the container due to a container engine vulnerability and thereby achieving escalated permissions on the host node. Due to this restriction, images that run as root will not deploy as expected on OpenShift Online."

Comment 1 Ashley Hardin 2018-05-09 21:29:51 UTC

Work in progress: https://github.com/openshift/openshift-docs/pull/9140

Comment 2 Dongbo Yan 2018-05-11 07:16:50 UTC

the PR looks good to me,  move to verified

Comment 3 openshift-github-bot 2018-05-11 13:01:18 UTC

Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/e3fd0592e6d6d8d978c0a0f504f4dede84891e34
Bug 1563744, added disclaimers about images running as root in Online

https://github.com/openshift/openshift-docs/commit/55497fa4dc595ce60b99c4d2e81baa99394fb1a4
Merge pull request #9140 from ahardin-rh/online-images-running-as-root

Bug 1563744, added disclaimers about images running as root in Online

Comment 4 Ashley Hardin 2018-05-17 12:35:41 UTC

This content is now published: https://access.redhat.com/documentation/en-us/openshift_online/3/html/developer_guide/application-life-cycle-management#specifying-an-image

Note You need to log in before you can comment on or make changes to this bug.