kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1068 from rickypai/patch-2 

Fix link to docker reference on runtime privilege
reviewable/pr1070/r1
Jared 2016-08-19 14:30:25 -07:00 committed by GitHub
parent 16657bcaa2 5e905842ee
commit e2c4abc654
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/user-guide/containers.md
View File

@ -51,7 +51,7 @@ Here are examples for these rules in table format
## Capabilities
By default, Docker containers are "unprivileged" and cannot, for example, run a Docker daemon inside a Docker container. We can have fine grain control over the capabilities using cap-add and cap-drop.More details [here](https://docs.docker.com/reference/run/#runtime-privilege-linux-capabilities-and-lxc-configuration).
By default, Docker containers are "unprivileged" and cannot, for example, run a Docker daemon inside a Docker container. We can have fine grain control over the capabilities using cap-add and cap-drop. More details [here](https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities).
The relationship between Docker's capabilities and [Linux capabilities](http://man7.org/linux/man-pages/man7/capabilities.7.html)
@ -93,4 +93,4 @@ The relationship between Docker's capabilities and [Linux capabilities](http://m
| LEASE | CAP_LEASE |
| SETFCAP | CAP_SETFCAP |
| WAKE_ALARM | CAP_WAKE_ALARM |
| BLOCK_SUSPEND | CAP_BLOCK_SUSPEND |
| BLOCK_SUSPEND | CAP_BLOCK_SUSPEND |