minimum caps to run pbuilder in docker >= 1.2.0

I did come up with:

docker run -i -t --cap-add=SYS_ADMIN debian /bin/bash

Is there another way to give fewer capabilities, other than “SYS_ADMIN”, which also adds a lot of other caps?

For more info see http://linux.die.net/man/7/capabilities

Linux VServer solved this situation by adding another flag, VXC_SECURE_MOUNT; see http://linux-vserver.org/Capabilities_and_Flags
