From 027f9edeae2e5f562783d5e9b13070ef0e8afacb Mon Sep 17 00:00:00 2001 From: Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> Date: Fri, 12 Jul 2024 14:39:08 -0500 Subject: [PATCH] remove el7 references Signed-off-by: Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> --- installation.rst | 12 ++++++------ user_namespace.rst | 28 ++++------------------------ 2 files changed, 10 insertions(+), 30 deletions(-) diff --git a/installation.rst b/installation.rst index 4ab1fcd..9abe7ac 100755 --- a/installation.rst +++ b/installation.rst @@ -308,19 +308,19 @@ repositories like this: .. code:: - $ sudo yum install -y epel-release + $ sudo dnf install -y epel-release Then to install a non-setuid installation of {Project} do: .. code:: - $ sudo yum install -y {command} + $ sudo dnf install -y {command} or for a setuid installation do: .. code:: - $ sudo yum install -y {command}-suid + $ sudo dnf install -y {command}-suid Install from GitHub release RPMs -------------------------------- @@ -331,13 +331,13 @@ non-setuid installation: .. code:: - $ sudo yum install -y https://github.com/{orgrepo}/releases/download/v{InstallationVersion}/{command}-{GitHubDownloadVersion}.x86_64.rpm + $ sudo dnf install -y https://github.com/{orgrepo}/releases/download/v{InstallationVersion}/{command}-{GitHubDownloadVersion}.x86_64.rpm For the setuid installation do above command first and then this one: .. code:: - $ sudo yum install -y https://github.com/{orgrepo}/releases/download/v{InstallationVersion}/{command}-suid-{GitHubDownloadVersion}.x86_64.rpm + $ sudo dnf install -y https://github.com/{orgrepo}/releases/download/v{InstallationVersion}/{command}-suid-{GitHubDownloadVersion}.x86_64.rpm Install Debian packages ------------------------------ @@ -425,7 +425,7 @@ continues to work in new shells. (Adjust the path if you installed Build an RPM ------------ -If you use RHEL, CentOS or SUSE, building and installing {aProject} +If you use RHEL, a RHEL derivate, or SUSE, building and installing {aProject} RPM allows your {Project} installation be more easily managed, upgraded and removed. diff --git a/user_namespace.rst b/user_namespace.rst index d28f733..ab174ce 100644 --- a/user_namespace.rst +++ b/user_namespace.rst @@ -32,11 +32,8 @@ of the user guide. To allow unprivileged creation of user namespaces a kernel >=3.8 is required, with >=4.18 being recommended due to support for unprivileged mounting of FUSE filesystems (needed for example for mounting SIF files). -The equivalent recommendation on RHEL7 is >=3.10.0-1127 from release -7.8, where unprivileged mounting of FUSE filesystems was backported. To use unprivileged overlayFS for creating missing bind mount paths and for writable overlays, kernel >=5.11 is recommended. -That feature has not been backported to RHEL7. Whenever the kernel overlayFS doesn't work then {Project} will use fuse-overlayfs instead. @@ -44,27 +41,10 @@ Additionally, some Linux distributions require that unprivileged user namespace creation is enabled using a ``sysctl`` or kernel command line parameter. Please consult your distribution documentation or vendor to confirm the steps necessary to 'enable unprivileged user namespace -creation'. - -Debian -====== - -.. code:: - - sudo sh -c 'echo kernel.unprivileged_userns_clone=1 \ - >/etc/sysctl.d/90-unprivileged_userns.conf' - sudo sysctl -p /etc/sysctl.d/90-unprivileged_userns.conf - -RHEL/CentOS 7 -============= - -From 7.4, kernel support is included but must be enabled with: - -.. code:: - - sudo sh -c 'echo user.max_user_namespaces=15000 \ - >/etc/sysctl.d/90-max_user_namespaces.conf' - sudo sysctl -p /etc/sysctl.d/90-max_user_namespaces.conf +creation'. +In general, the parameter ``user.max_usernamespaces`` has to be non-zero, +and additionally on Debian the parameter ``kernel.unprivileged_userns_clone`` +needs to be non-zero. ****************************** Disabling network namespaces