minimum caps to run pbuilder in docker >= 1.2.0

I did come up with:

docker run -i -t --cap-add=SYS_ADMIN debian /bin/bash

Is there another way to give less capabilities other then “SYS_ADMIN” which also adds a lot of other caps?

  • kubernetes cannot pull local image
  • Docker-compose: resolving mongo container from Angular client code
  • How to expose Spark Driver behind dockerized Apache Zeppelin?
  • connecting to docker with curl
  • Docker compose new image and instance
  • Remote Debugging From Local to Remote Host Docker Container
  • for more info see http://linux.die.net/man/7/capabilities

    Linux VServer solved this situation by adding another flag – VXC_SECURE_MOUNT see http://linux-vserver.org/Capabilities_and_Flags

  • Docker Mac Beta and container connecting to host ports?
  • Why does my docker daemon run the container as an arbitrary non-docker user?
  • How to run Node.js and MongoDB interactive shell simultaneously within a Docker container
  • How to list images in docker registry being on registry server?
  • Problems with Sailsjs application in Docker container
  • SSH directly into a docker container
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.