Merge pull request #387 from stefanlasiewski/patch-2

Mano Marks · web-flow · commit a2f56ac9da93 · 2018-01-16T16:42:11.000-08:00
--privileged can be used with user namespaces
diff --git a/security/userns/README.md b/security/userns/README.md
@@ -151,7 +151,13 @@ In this step you'll see how to implement user namespaces.
    See 'docker run --help'.
    ```
 
-  As stated in the error response, *privileged* containers are not currently supported with user namespaces.
+  As stated in the error response, *privileged* containers are not currently supported with user namespaces. But user namespaces for a container can be disabled by using the 'host' user namespace:
+  
+  ```
+  ubuntu@node:~$ sudo docker run --rm --privileged --userns=host alpine id
+  uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
+  ubuntu@node:~$ 
+  ```
 
 6. Start a new container in interactive mode and mount the Docker Host's `/bin` directory as a volume.
 
