docker: add configuration for user namespace remapping (#121)

config/config_docker.go

@@ -78,6 +78,14 @@ type DockerConfiguration struct {
 	Overhead Overhead `json:"overhead" yaml:"overhead"`
 
 	UsePerformantInspect bool `default:"true" json:"use_performant_inspect" yaml:"use_performant_inspect"`
+
+	// Sets the user namespace mode for the container when user namespace remapping option is
+	// enabled.
+	//
+	// If the value is blank, the daemon's user namespace remapping configuration is used,
+	// if the value is "host", then the pterodactyl containers are started with user namespace
+	// remapping disabled
+	UsernsMode string `default:"" json:"userns_mode" yaml:"userns_mode"`
 }
 
 // RegistryConfiguration defines the authentication credentials for a given

environment/docker/container.go

@@ -261,6 +261,7 @@ func (e *Environment) Create() error {
 			"fowner", "fsetid", "net_bind_service", "sys_chroot", "setfcap",
 		},
 		NetworkMode: networkMode,
+		UsernsMode:  container.UsernsMode(config.Get().Docker.UsernsMode),
 	}
 
 	if _, err := e.client.ContainerCreate(ctx, conf, hostConf, nil, nil, e.Id); err != nil {

server/install.go

@@ -449,6 +449,7 @@ func (ip *InstallationProcess) Execute() (string, error) {
 		},
 		Privileged:  true,
 		NetworkMode: container.NetworkMode(config.Get().Docker.Network.Mode),
+		UsernsMode: container.UsernsMode(config.Get().Docker.UsernsMode),
 	}
 
 	// Ensure the root directory for the server exists properly before attempting