Issue using "sudo" in container: 'The "no new privileges" flag is set'

JupyterHub Zero to JupyterHub on Kubernetes
1

I’m running jupyterlab on a Zero to JupyterHub installation. In the jupyterlab terminal, I’m trying to use
sudo, but when I do, I get the following output:

(base) jovyan@jupyter:~$ sudo whoami
sudo: The "no new privileges" flag is set, which prevents sudo from running as root.
sudo: If sudo is running in a container, you may need to adjust the container configuration to disable the flag.

I’ve tried the following configuration, which I think is redundant, but it doesn’t make any difference:

hub:
  containerSecurityContext:
    allowPrivilegeEscalation: yes
    privileged: true

Does anyone know how I could fix/debug this?

Other information: I’m basing my lab image on jupyter/minimal-notebook.

2

The hub and singleuser servers are configured separately, try singleuser.allowPrivilegeEscalation

3

Thank you @manics, that solved my issue.

I thought at first the singleuser security context might’ve been inheritied from the hub, as I saw no securityContext option for the singleuser. However, I see I overlooked allowPrivilegeEscalation

1 Like
4

in wich file i add this line? i edit the file “/etc/jupyter/jupyter_notebook_config.py” but not worked.

5

It should be in your Z2JH configuration.