1exe,euser,egroup,pidns,caps,nonewprivs,filter 2cloud-init,root,root,No,No,No,No 3device_policy_m,root,root,No,No,No,No 4first-boot,root,root,No,No,No,No 5onboot,root,root,No,No,No,No 6systemd-journal,root,root,No,No,No,No 7systemd-logind,root,root,No,No,No,No 8systemd,root,root,No,No,No,No 9systemd-udevd,root,root,No,No,No,No 10 11# TODO: These processes do not really need to run as root. Figure out a way to 12# run them unprivileged/sandboxed. 13curl,root,root,No,No,No,No 14wait_for_user_d,root,root,No,No,No,No 15get_metadata_va,root,root,No,No,No,No 16install_custom_,root,root,No,No,No,No 17konlet-startup,root,root,No,No,No,No 18 19# Docker daemon processes. 20dockerd,root,root,No,No,No,No 21docker-containe,root,root,No,No,No,No 22 23# Processes that used by GCP compute image packages. 24google_ip_forwa,root,root,No,No,No,No 25google_accounts,root,root,No,No,No,No 26google_clock_sk,root,root,No,No,No,No 27google_metadata,root,root,No,No,No,No 28google_instance,root,root,No,No,No,No 29google_network_,root,root,No,No,No,No 30