-
Notifications
You must be signed in to change notification settings - Fork 529
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run cron as non root user #381
Comments
I have a non-privileged user nginx. Remember: crond should be started as root at all times. |
@inl-pd-autotest Is there any workaround to do so on openshift or we should find |
I have the same problem on OpenShift, cron daemon dies with "seteuid: Operation not permitted" (probably because file systems are mounted with nosuid option) and the provider I use will not allow root containers to run. Is there any workaround to run cron daemon as non-root user? |
Hello team, i am also facing same issue, please provide something or some workaround to be used until alpine community includes it next updates |
For the record, on OpenShift I ended up with replacing our old cron-powered scripts with Kubernetes CronJobs and rewrote some parts of initialization script code to work when invoked via CronJob. It works okay-ish, the downsides are mainly unpredictability in schedule time (needs to create pod, download image on random node etc. may take a minute or two) and the fact that logs from jobs aren't in one place without some clever aggregation. Aside of that, it's better :) |
You might want to take a look at https://github.com/aptible/supercronic — it should be a plug-and-play replacement for cron (just point it at your crontab), but it plays a bit nicer with containers (it won't try to change users, and won't daemonize). Disclaimer: I'm a contributor to Supercronic :) |
Just coded the fix for alpine (busybox) linux, published the patched alpine dockers, as below: see more: https://github.com/inter169/systs/blob/master/alpine/crond/README.md |
As @inter169 says you need to allow the CAP_SETGID to run
|
I'm using https://github.com/gjcarneiro/yacron as an alternative |
Docker file example:
|
I want to create a cronjob as non-root user and without sudo. How do I create a cronjob for the same?
The text was updated successfully, but these errors were encountered: