0
0
Dockerdevops~5 mins

User namespace remapping in Docker - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What is user namespace remapping in Docker?
User namespace remapping is a Docker feature that maps container user IDs to different user IDs on the host. This improves security by isolating container users from host users.
Click to reveal answer
beginner
Why use user namespace remapping in Docker?
It reduces the risk of privilege escalation by ensuring container root users do not have root privileges on the host system.
Click to reveal answer
intermediate
Which Docker daemon configuration file is used to enable user namespace remapping?
The Docker daemon configuration file is /etc/docker/daemon.json where you can set the "userns-remap" option.
Click to reveal answer
intermediate
What is the effect of setting "userns-remap": "default" in Docker daemon.json?
It enables user namespace remapping using a default user and group created by Docker to map container users to host users.
Click to reveal answer
intermediate
How can you verify if user namespace remapping is active on a running Docker daemon?
Run the command `docker info` and check the "Security Options" section for "name=userns" entries.
Click to reveal answer
What does user namespace remapping do in Docker?
ARemoves all user IDs from containers
BMaps container user IDs to different host user IDs
CDisables user permissions inside containers
DShares the same user IDs between container and host
Where do you configure user namespace remapping in Docker?
A/etc/docker/daemon.json
B/etc/docker/config.yaml
C~/.docker/config.json
D/usr/bin/docker
What is the default value to enable user namespace remapping in Docker daemon.json?
A"userns-remap": "root"
B"userns-remap": "none"
C"userns-remap": "default"
D"userns-remap": "disabled"
How can you check if user namespace remapping is active?
ARun `docker info` and look for userns in Security Options
BRun `docker ps` and check container IDs
CRun `docker version` and check client info
DRun `docker logs` on any container
What security benefit does user namespace remapping provide?
AShares host user permissions with containers
BAllows containers to run as host root
CDisables all container users
DPrevents container root from being host root
Explain how user namespace remapping improves Docker container security.
Think about how user IDs inside containers relate to host system users.
You got /3 concepts.
    Describe the steps to enable user namespace remapping on a Docker host.
    Focus on configuration file and verification commands.
    You got /4 concepts.