[GH-ISSUE #140] Documentation update for Docker --cap-add flag #98

Closed
opened 2026-03-01 15:40:29 +03:00 by kerem · 6 comments

Originally created by @j7an on GitHub (Jan 22, 2019).
Original GitHub issue: https://github.com/budtmo/docker-android/issues/140

Operating System:
Linux host

The current `--privileged` flag is giving full access to the host. Could someone update the documentation with `--cap-add` flag for the actual host privileges needed to run the images for this repo? This will limit any security vulnerabilities that might exist within the image.


@budtmo commented on GitHub (Jan 24, 2019):

Hi @j7an ,

It would be great if you could help us with it and create a PR.


@malletjo commented on GitHub (Mar 29, 2019):

fyi, you can use `--cap-add=SYS_ADMIN --device=/dev/bus/usb`.


@budtmo commented on GitHub (Apr 2, 2019):

Hi @malletjo ,

could you update documentation and create a PR?


@j7an commented on GitHub (Apr 3, 2019):

@malletjo It looks like `--cap-add=SYS_ADMIN` is same as giving root access based on [CAP_SYS_ADMIN: the new root](https://lwn.net/Articles/486306/). Are there other ones we can use as alternative?


@HasBert commented on GitHub (May 9, 2019):

I also tried to not use the privileged mode and replace it with `--cap-add=SYS_ADMIN`, with `--cap-add=NET_ADMIN`, with `--cap-add=SYS_MODULE` and, as @malletjo noted, with `--cap-add=SYS_ADMIN --device=/dev/bus/usb`; nothing worked for me. I'm not using a real device. [Here is the official documentation of --cap-add](https://docs.docker.com/engine/reference/run/).

Maybe it has something to do with the HAXM and KVM which are needed for virtualization and are only available on the host? Correct me if I'm wrong.
Is there a place inside the docker container where the logs of the startup process are stored? I'd love to help, but I think I'm not quite as deep in this topic as you are.


@budtmo commented on GitHub (May 9, 2023):

--privileged tag is not needed anymore. Please check the current documentation to run docker-android.
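
To check which of the options discussed in this thread a container actually runs with, here is an added example (not part of the original thread or the docker-android project) that grades `docker inspect` output for `--privileged`, broad `--cap-add` values and `--device` passthrough. The sample JSON, the container names and the severity ratings are constructed assumptions.

```python
import json

# Severity ratings are this example's assumption, not Docker's or the project's.
# SYS_ADMIN is rated high because, as the thread notes, it is close to root.
BROAD_CAPS = {"SYS_ADMIN": "high", "SYS_MODULE": "high", "NET_ADMIN": "medium"}
ORDER = ["none", "info", "medium", "high", "critical"]

def audit_container(entry):
    """Return (severity, detail) findings for one `docker inspect` entry."""
    host = entry.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):
        findings.append(("critical", "--privileged"))
    for cap in host.get("CapAdd") or []:  # CapAdd is null when no flag was given
        name = cap.upper()
        if name.startswith("CAP_"):       # may appear with or without the prefix
            name = name[4:]
        if name == "ALL":
            findings.append(("critical", "--cap-add=ALL"))
        elif name in BROAD_CAPS:
            findings.append((BROAD_CAPS[name], "--cap-add=" + name))
    for dev in host.get("Devices") or []:
        # A single device node is far narrower than --privileged, but still listed.
        findings.append(("info", "--device=" + dev.get("PathOnHost", "?")))
    return findings

def worst(findings):
    """Highest severity among the findings, or "none" when there are none."""
    return max((sev for sev, _ in findings), key=ORDER.index, default="none")

# Constructed sample in the shape of `docker inspect` output (names are made up).
SAMPLE = json.loads("""[
 {"Name": "/emu-privileged", "HostConfig": {"Privileged": true, "CapAdd": null, "Devices": []}},
 {"Name": "/emu-sysadmin", "HostConfig": {"Privileged": false, "CapAdd": ["SYS_ADMIN"],
   "Devices": [{"PathOnHost": "/dev/bus/usb", "PathInContainer": "/dev/bus/usb", "CgroupPermissions": "rwm"}]}},
 {"Name": "/emu-device-only", "HostConfig": {"Privileged": false, "CapAdd": null,
   "Devices": [{"PathOnHost": "/dev/kvm", "PathInContainer": "/dev/kvm", "CgroupPermissions": "rwm"}]}}
]""")

if __name__ == "__main__":
    for entry in SAMPLE:
        found = audit_container(entry)
        print(entry["Name"], worst(found), [detail for _, detail in found])
```

On a real host, the same functions can be fed the parsed output of `docker inspect <container>` in place of `SAMPLE`.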
