Cloned2Preserve
/
jailmaker
mirror of https://github.com/Jip-Hop/jailmaker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Cockpit management

This commit is contained in:
Jip-Hop 2024-01-26 18:08:00 +01:00
parent 474faf6ede
commit 89cc0d4faf
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
docs/rootless_podman_in_rootless_jail.md
View File

@ -42,6 +42,8 @@ setcap cap_setgid+eip /usr/bin/newgidmap
# Create new user # Create new user
adduser rootless adduser rootless
# Set password for user
passwd rootless
# Clear the subuids and subgids which have been assigned by default when creating the new user # Clear the subuids and subgids which have been assigned by default when creating the new user
usermod --del-subuids 0-4294967295 --del-subgids 0-4294967295 rootless usermod --del-subuids 0-4294967295 --del-subgids 0-4294967295 rootless
@ -86,6 +88,20 @@ The output of podman info should contain:
Using metacopy: "false" Using metacopy: "false"
``` ```
## Cockpit management
Inside the rootless jail run (as root user):
```bash
dnf install cockpit cockpit-podman
systemctl enable --now cockpit.socket
ip a
```
Check the IP address of the jail and access the Cockpit web interface at https://0.0.0.0:9090 where 0.0.0.0 is the IP address you just found using `ip a`.
Then login as user `rootless` with the password you've created earlier. Click on `Podman containers`. In case it shows `Podman service is not active` then click `Start podman`. You can now manage your rootless podman containers in the rootless jailmaker jail using the Cockpit web GUI.
## TODO: ## TODO:
On truenas host do: On truenas host do:
sudo sysctl net.ipv4.ip_unprivileged_port_start=23 sudo sysctl net.ipv4.ip_unprivileged_port_start=23