OverlayFs Atomic and User Permissions

Comments

I have a RHEL7.9 server, installed with Atomic, Docker, and OpenSCAP.

I have a need for all my users to run oscap-docker to scan container images.
However the command fails with:
- "Failed to mount OverlayFS device"
"mount: only root can use "--options" option.

the OpenSCAP tool "oscap-docker" relies on Atomic as the container orchestrator for scanning images.

I don't want to give my users sodoers access to the mount command.

What are my options to ensure Atomic will be able to run and mount containers for all users, but without giving all users root permissions?

Started 2021-04-09T14:29:40+00:00 by

Thomas Langhorne

Newbie 5 points

Responses

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)

Select Your Language

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links