From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7205086520363974656 X-Received: by 2002:ac8:534f:0:b0:3bf:db2a:6a22 with SMTP id d15-20020ac8534f000000b003bfdb2a6a22mr564262qto.12.1677574579421; Tue, 28 Feb 2023 00:56:19 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:620a:4448:b0:742:30d1:7f75 with SMTP id w8-20020a05620a444800b0074230d17f75ls2550126qkp.4.-pod-prod-gmail; Tue, 28 Feb 2023 00:56:19 -0800 (PST) X-Received: by 2002:a05:620a:1911:b0:71f:b8f8:f3e1 with SMTP id bj17-20020a05620a191100b0071fb8f8f3e1mr964721qkb.7.1677574579012; Tue, 28 Feb 2023 00:56:19 -0800 (PST) Received: by 2002:a05:620a:1915:b0:73b:7f0a:d4a4 with SMTP id af79cd13be357-74279353e84ms85a; Mon, 27 Feb 2023 21:58:11 -0800 (PST) X-Google-Smtp-Source: AK7set8vLw8FEuu6narPJC8hH04JegFPk1DIO1EyJXIQqiFjY0FQ7qgdH+/A7wel0O5uGzpQtojT X-Received: by 2002:ac2:4282:0:b0:4cc:6e3a:32a3 with SMTP id m2-20020ac24282000000b004cc6e3a32a3mr464203lfh.25.1677563890011; Mon, 27 Feb 2023 21:58:10 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1677563889; cv=pass; d=google.com; s=arc-20160816; b=Uy4wd57wPf7ik4L/qS34nIOuPPEfjica96glE1admDpBhjqaJTHQpR81CnsbiuL+d0 uFBupZrs+sPL+HXCiiEY3Ebvs/V8O5IN8BSeKmpJRQ4aRUYhXstr98iZmkuzGT44Kr/0 Wm0nk93G812BgsPk5zfA/AxGUEJMc4l2djmqheBakSa9MnLeqOF3SJURfSfJbQ6NE6g8 Y0isoAN+nYtxIGmXvn6eKdg5+ckuL+rXqTxvK0Hy8Z1sOWDXS4UwGkbkN0ZQareCS2WD UWFyRkvm4pa2qS7ImGa+LXl+hjiDWO7sL24uLV70UIL0HS5RzfsOjtMGwxdNtBVLj+S2 rTnA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:msip_labels:content-language:accept-language :message-id:date:thread-index:thread-topic:subject:cc:to:from :dkim-signature; bh=NtFruh+5Hz5H2iravgrktSZnmPsA8vSvKZXBChGIRw0=; b=KTxGqmtVK2QZE6cNGhjOf2iVqyW99fFdKcBzRQ+SdSA1fBMrGNZlIbV1ODAFRwV7RO X8FFaoNBkMWTJ3hazW3us07LPkuRrlZceINx3x8dlm7M4orDPKIWwuIw/1CwAnBHRTiI 3xGffxqxKVFl7449C2b3NI9iO0EyI00XJvpzbH/l3ggOnuD5HJDO1YTJ1lF4GpfSJ9NY psRXX7AliXTuX8aMKFQ3QYQhqQ7RNUJCOrcJ+ne6RgGcBTVuz8+5mMEVMArNy+0c8CE7 GHAnJTXukstKy2AVdLZ0Z19Fp9I9DPhaLBLMIrg4L1/0sbWTa8tALgVhqDKP5NKd7g4/ zlQw== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ehBt9fRa; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of srikanth.krishnakar@siemens.com designates 2a01:111:f400:feae::60b as permitted sender) smtp.mailfrom=srikanth.krishnakar@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from APC01-PSA-obe.outbound.protection.outlook.com (mail-psaapc01on2060b.outbound.protection.outlook.com. [2a01:111:f400:feae::60b]) by gmr-mx.google.com with ESMTPS id l6-20020a2ea306000000b00295a255ee26si340825lje.6.2023.02.27.21.58.09 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Feb 2023 21:58:09 -0800 (PST) Received-SPF: pass (google.com: domain of srikanth.krishnakar@siemens.com designates 2a01:111:f400:feae::60b as permitted sender) client-ip=2a01:111:f400:feae::60b; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ehBt9fRa; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of srikanth.krishnakar@siemens.com designates 2a01:111:f400:feae::60b as permitted sender) smtp.mailfrom=srikanth.krishnakar@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YwxBmMSZ5YNf/wLeL69uoXrbsjMEw1gGj4AfoGWR2gFOymW/zg7EbbICVqWmrCK2F1yK1R5FBMw4vQq7p5swHesvqpr9JQRQ6pDT6XtyhHSUdROCl7XJTB+OHwDqv9czgl9+X86jVbks8NeMw6wiuw3oNqxSBR/PPQElBdsdxB0jQ3GnONwE0LrZADqPS67HmBT2h/VU07KRaKYz0x2Anya5mZuZxyAPq8cede65HwNbQhmQkwKuGlSrMGbk+I0D9lDVKBZBJnU+AQqL3A76/2qHsRQR8SVFsmjXgLXs0OO6EQsKpWuLqAm6ghACBkfX8/vmeHOGbC8mCi5HYmHrhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NtFruh+5Hz5H2iravgrktSZnmPsA8vSvKZXBChGIRw0=; b=OAWOReovAO4BGU7sjROgGifXjfqbuY/twAuXZgOArAKxsBg48y15WLiq1l0lMG/ddclASbji7GhK1+9+pkyeHVTuyjaFAt/+t2cao8Ax8FKWWmicjwIeZ2PAFRdBkkprfe2E7zV3JnTnitx5cx3hFDjEBs/o3UvFK2lDbjIJu/GaGrSCyinQtaYtOQ+vf8ij5Fkr47Nvgv2SOysyeJEEEPPVbS5QOVEqc013FZywvZptf+UIRJy5wPzX5yzTE/iOIBzlzyR4e5GP2XzJ2C88s46gzBHR3v3EleA+KQAxp6XvfCsIbsG26YGj/mVRjhYkvA13JqjusptLnQMGmJ0UOw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NtFruh+5Hz5H2iravgrktSZnmPsA8vSvKZXBChGIRw0=; b=ehBt9fRaV2bfXfYIWIIZEByu86gepmPp2yDl/3lwUPoJFS3WVwQIzFb8Cy/nZGUBLTMpCSmbfrqjAWcM1fvzA1MvRIWnGyqVDzP+nbhG3F/noYHcVxlTWyN7K5bE/C2SjHE9UnFMBFgefqYq/EQQRkWyI8CwnDRjU1bz/qry90m4fFx40oqz9vxt0Cc3IR0CJz7ScxVkjowU5wyM2TvhL2c8HoGEA/lxC/6e+IJuxs+hgD8GRamntcsPPm/Hmx50a4pnOseWFOFT7l3zZKxQ0pmaQBPkgnUOIF1u8GR7OmnSnm9mfy5yjJHVL3vagKaSE5t8vlAPXSS6NulwhDdLGg== Received: from TYAPR06MB2303.apcprd06.prod.outlook.com (2603:1096:404:23::18) by TYUPR06MB5876.apcprd06.prod.outlook.com (2603:1096:400:35e::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6156.12; Tue, 28 Feb 2023 05:58:06 +0000 Received: from TYAPR06MB2303.apcprd06.prod.outlook.com ([fe80::5cee:aed7:a899:ea48]) by TYAPR06MB2303.apcprd06.prod.outlook.com ([fe80::5cee:aed7:a899:ea48%7]) with mapi id 15.20.6156.016; Tue, 28 Feb 2023 05:58:06 +0000 From: "Krishnakar, Srikanth" To: "isar-users@googlegroups.com" CC: "kas-devel@googlegroups.com" Subject: Isar-based projects using kas-container and podman-rootless Thread-Topic: Isar-based projects using kas-container and podman-rootless Thread-Index: AdlLONXNYCgVCqrHQ8GW4HaPq6CO4A== Date: Tue, 28 Feb 2023 05:58:06 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=770e3a20-6f08-4edd-b29b-6a6cb079b490;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2023-02-28T05:50:23Z;MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: TYAPR06MB2303:EE_|TYUPR06MB5876:EE_ x-ms-office365-filtering-correlation-id: 508a9bde-92c6-4876-2397-08db1950c30f x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: lgdz8No3GMve/NvsqlYQVG31qi6esC6aHZM2jND3uoUfRsZp1g0rmbcMhVJvObL4URyqEWwxcxD3pQZxGawF9LLL+9lde99UYgp6yrhz6JV2h2J1uEBmmg8NvXFGQJXoEOKl+0Z/e9qtQaRJcI2CwuU1zJG1K4Ymrr3E8Mhdf675PSdYiWOrtcYcJlDgDhIj/QOvf98CNrdoBYhZTOXfcMnABiSnT3/Ow7P/6xD6SWWnCwQrgm9QdHQx5V5F2znFmUejL+dyYiFvv3YLcAEJ1IK6jVsABwZQt5X00DavPWLsck5gdg3FMmUfdrb6MwdMTb4opyHCmaJi6g5vwOuRcgHrL8plT8PdfF/zA/QYJ78oftAmVzM0hpSi978vhW6ktWct+n4bAGmCS0IcDHphjIfJIz5eFlKnaAoNMVZ3NVfY8MMSU2zBrXpeRqA0IbYvwMp2F5TrVuA59dRwLyghhU4tmFpxE7ucKixdPKcSu7aQhZVB7PcUhu/RBpWJADmg0+TiV8pIbxiY2lMbVU28iVmU1+r525FnGpeeh94X5Tn/yojmqNkinj4EPu9BomIMKFh1h2tSpEUbCKUqJ1YIVmBK0I9/lw24S74g6/PMvQQCFer5+ERqJNIVJR63wKOOLoBype22kVknJtAUtrubLaYudUYT+ORCKe1QVeFA+4VRMAXQ8wFM8HSk9tJt/2sqzO8dWQ/Ncd20VMACy7aVJQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:TYAPR06MB2303.apcprd06.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(136003)(376002)(396003)(346002)(39860400002)(366004)(451199018)(7696005)(6506007)(26005)(8936002)(41300700001)(66446008)(64756008)(8676002)(4326008)(9326002)(52536014)(66556008)(66476007)(478600001)(5660300002)(66946007)(2906002)(450100002)(6916009)(122000001)(71200400001)(55016003)(33656002)(82960400001)(86362001)(316002)(38070700005)(76116006)(558084003)(38100700002)(9686003)(186003);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?MDBFJtXu+VnXMnvL0HSIXiyEa+Mg7kOagKLvR0LCW/FibuAM1opwl4gExhZK?= =?us-ascii?Q?Mqb4FPkwo0BTdPNdumR1CM0wwxGwGj9HSirlenKmEE/STCuvhCECO0Av5Suu?= =?us-ascii?Q?5qXqLlByL9whWEHMI2FPmysrAUPCbaMg451HsI0UGHiNQfzlZ+d0UnPkcUXu?= =?us-ascii?Q?nBk6oSVaut4m4o6dPQp4pHn1WKQQXbzDY0jc5lRQ3EEbmOjRZkeBIzYsDvyT?= =?us-ascii?Q?0EQVn3q150oTGSj4Q/UXx/C1oLry0qGrtShc7Xxpyzqw/wgYv9KQl4sZXV0+?= =?us-ascii?Q?HfCj7PzVv9M0v8vkBlunARNsxAhhKRxqxp2p81kOGdXJC9UHX1rEkHOiYHj+?= =?us-ascii?Q?e0DcN2nhVmkHLZrA0WMaSVvcuTwKIJFv++0a79nyLVq1AXbD0veHNdoj2FrT?= =?us-ascii?Q?lfqxZKyN+mn3rmNcAVnsX+KFJDgb/seElUo//VNw3pNVaNsyqQvP/3Gh7V1g?= =?us-ascii?Q?kaK/UQpTN6P8Ms+8LL4bVT6q6TnezJ0MeA4oiAhpSVs0C7J4xxzM5uOZ2Sv9?= =?us-ascii?Q?CCnx7JR0hj7ywtZIRFwrzsZHGPDiM9z6ZXnSup9MAzqaXExcMFpu3SZm5d4e?= =?us-ascii?Q?Jpwz0iZlRNjKPFBkkPTpfiSgzKc353n5LZcPihe9tN709hzvU+dLAHSihre2?= =?us-ascii?Q?e2wG1h3VDkc/05oaqoQ8f6QeSWzvWwfGT40sOXv/OO4yXPHRR9Udu6STCR6J?= =?us-ascii?Q?4+ybIpPHlLTyfbwC0w+cQF1dvYq9Tkr8KwjHk4pdKsB+p4muJmHyQYJfiaOO?= =?us-ascii?Q?XEJoyIg+9E0LIGUMBX0JeOdGy4ndVfkICC0taQpKtvTJ8WNi77FgxyyMxXK2?= =?us-ascii?Q?7oxZvQHrlECw9JGultamsDeg3HvZ15X9TqeJ4c3ZFYpFQMKLpKFmDRTOmQPD?= =?us-ascii?Q?MvyXa4178b3PySSarcPYi7xiTkYtdpYQu/Lhfbw3dDM+TIhsOufdd1HEtIRR?= =?us-ascii?Q?AZ3FfvPtNbh9Att30kZjFSQ2q2LO86NMfzFLSpiNhmRBeXbc9W8FN9wwWAZI?= =?us-ascii?Q?i6Pu3nh4Sj/3HJs+enSU8p6+AmPDmMkZCkBwy8CV52yaXK5vwpAmev5QUhB+?= =?us-ascii?Q?3bbcT2IHfbXk+TKNRjVVjBKmsegbIkbWp+ZB65BrjZdhPCTFun/v7gyZ0Sac?= =?us-ascii?Q?PwpMqSmGUgknCViYLdFxPClrobGdSM8nteLy/wuzxfT9yDcXCxfJey55whW6?= =?us-ascii?Q?luZP+WaE2MII9SmPLVcGsmtv1rqIS8C7cgBV7ljLaqJD2b3FBu/JyaQRXDSo?= =?us-ascii?Q?oeXF8UcMXor0IC8/7g9+LkYCvGMuIcj50NQMVY0I73NvxwGb5iHpuNF/jBL8?= =?us-ascii?Q?c2HdTGUN3r6uBaagrAfDtNY1es0l1alu0oY2dsXZZoJ0YrIBLDJtHxJCUKI5?= =?us-ascii?Q?KzEz0f+OYsly5Ne9cM5MVCv7rEECT8q8c2w+LFQ05L3iTt1R1/IdkLI8aHMy?= =?us-ascii?Q?jbCUFgFQVddHuEVK2Zrl14hdnami8inc7Db2CzP8o7Aj7OSMOfEyMXi6Zp+c?= =?us-ascii?Q?sZXBERvsMG+DZ4EWlUFMjkKu18OpaN4Kj+8ASOBEMftdDpi61etzuVe0XpKs?= =?us-ascii?Q?uLHAQ1B2YHxAoFrJF5SjiYaC/NB99GGVZAJGyQHEjSn0BQRFWL+1T51RkQ6K?= =?us-ascii?Q?mA=3D=3D?= Content-Type: multipart/alternative; boundary="_000_TYAPR06MB230385626C40701C9CAD97EDFDAC9TYAPR06MB2303apcp_" MIME-Version: 1.0 X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TYAPR06MB2303.apcprd06.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 508a9bde-92c6-4876-2397-08db1950c30f X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Feb 2023 05:58:06.3059 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: HhaiIcXrdme7agSTYbWSLMCcYCQl3/qsqJfwbReMRhsPHxL3Bk+jHZau5k5qh/pRSLi623kDqn2DnauqqrJAc/sAUIwS9RE6Fb30YGVcDHw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYUPR06MB5876 X-TUID: Knu5w4OhHxmA --_000_TYAPR06MB230385626C40701C9CAD97EDFDAC9TYAPR06MB2303apcp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello, Can we build Isar-based projects using kas-container+podman but without any= privilege escalations of any sorts on the host (container may do whatever = it needs to as long as it is not running with --privileged) ? Thanks, Srikanth --_000_TYAPR06MB230385626C40701C9CAD97EDFDAC9TYAPR06MB2303apcp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hello,

 

Can we build Isar-based projects using kas-container= +podman but without any privilege escalations of any sorts on the host (con= tainer may do whatever it needs to as long as it is not running with --priv= ileged) ?


Thanks,=

Srikanth<= o:p>

 

--_000_TYAPR06MB230385626C40701C9CAD97EDFDAC9TYAPR06MB2303apcp_--