-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
username instead of just uid in subuid now required for rootless podman #1264
Labels
Comments
giuseppe
added a commit
to giuseppe/storage
that referenced
this issue
Jun 16, 2022
We lost this feature when we moved to using libsubid for looking up user additional ranges. If the lookup using the username fails then attempt again using the UID, since /etc/subuid and /etc/subgid allow that. Closes: containers#1264 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
PR here: #1265 |
@qhaas, if you desire a backport in RHEL, please go through the Red Hat customer channels (e.g., Bugzilla). |
Thanks for the quick response and turn-around! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
In podman 3.x, one could use one's uid (i.e.
uid -u
) e.g.instead of one's username (i.e.
whoami
), e.g.when mapping a subuid range for rootless podman (ditto for subgid). It is unclear if this was intentional, given the troubleshooting guide says to use the username. In podman 4.0x, using the uid causes some podman commands to fail. Oddly, some functionality works (e.g.
podman unshare
), but others do not (e.g.podman pull
), which might mean something is amiss under the hood given the inconsistency.My systems were using uid instead of username for subuid mapping (ditto for subgid), so this resulted in some troubleshooting when we upgraded from podman 3.0.x to podman 4.0.x before it was discovered that replacing the uid with the username resolves the issue that occurs with a subset of podman commands. So, thought I'd report the observation.
Steps to reproduce the issue:
uid -u
) instead of username (i.e.whoami
) in /etc/subuid (ditto for gid)podman unshare
works as expectedpodman pull registry.access.redhat.com/ubi8/ubi-minimal
failsdnf module switch-to container-tools:3.0
, followed bypodman system migrate
podman pull registry.access.redhat.com/ubi8/ubi-minimal
succeedsdnf module switch-to container-tools:rhel8
, followed bypodman system prune -af
andpodman system migrate
podman pull registry.access.redhat.com/ubi8/ubi-minimal
podman pull registry.access.redhat.com/ubi8/ubi-minimal
succeedsDescribe the results you received:
For expanded debug output, see podman4_log.txt
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
Every time
Output of
podman version
:Output of
podman info --debug
:See podman_info_debug.txt
Package info (e.g. output of
rpm -q podman
orapt list podman
):Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)
Yes: Latest stable version of Podman 4.x in the x86-64 RHEL 8.6 repo was tested, i.e. the one deployed using dnf module install container-tools:rhel8
Additional environment details (AWS, VirtualBox, physical, etc.):
physical RHEL 8.6 system
The text was updated successfully, but these errors were encountered: