[PVE-User] UIDs > 65535 not valid in container
Frank Thommen
f.thommen at dkfz-heidelberg.de
Thu Mar 12 19:58:17 CET 2020
On 3/12/20 5:57 PM, Dietmar Maurer wrote:
>> I fear
>> this might be a container-related issue but I don't understand it and I
>> don't know if there is a solution or a workaround.
>>
>> Any help or hint is highly appreciated
>
> Yes, we only map 65535 IDs for a single container. We cannot allow
> the full range for security reasons.
What is the security related impact of higher UIDs? This is kind of a
showstopper for us, as we planned several such minimal services which
all need to be able to map all existing UIDs in the AD.
The idea was to move them away from heavy full VMs to more lightweight
containers.
Frank
More information about the pve-user
mailing list