|
|
@@ -547,7 +547,7 @@ func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes.
|
|
|
// check for various conflicting options with user namespaces
|
|
|
if daemon.configStore.RemappedRoot != "" && hostConfig.UsernsMode.IsPrivate() {
|
|
|
if hostConfig.Privileged {
|
|
|
- return warnings, fmt.Errorf("Privileged mode is incompatible with user namespaces")
|
|
|
+ return warnings, fmt.Errorf("Privileged mode is incompatible with user namespaces. You must run the container in the host namespace when running privileged mode.")
|
|
|
}
|
|
|
if hostConfig.NetworkMode.IsHost() && !hostConfig.UsernsMode.IsHost() {
|
|
|
return warnings, fmt.Errorf("Cannot share the host's network namespace when user namespaces are enabled")
|
Yong Tang