Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added edit /etc/subgid section #199

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Added edit /etc/subgid section #199

wants to merge 2 commits into from

Conversation

AtibQur
Copy link
Contributor

@AtibQur AtibQur commented Dec 14, 2024

No description provided.

alexp-sssup
alexp-sssup requested changes Dec 16, 2024
View reviewed changes
sites/cheerpx/src/content/docs/11-guides/custom-images.mdx Outdated
For user with PID 65534 (typically the nobody user), the entry would look something like:

```
nobody:100000:65536
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait, I am not sure about this. I have a vague recollection that the user that needs to be changed is the current user, the id inside the container is irrelevant here. Can you validate?

sites/cheerpx/src/content/docs/11-guides/custom-images.mdx Outdated
Save the file and ensure changes are recognized by restarting your container service:

```bash
sudo systemctl restart podman
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this actually required?

@AtibQur AtibQur requested a review from alexp-sssup December 16, 2024 09:54
@alexp-sssup
Copy link
Member

@AtibQur Can you confirm this has been validated as working?

@AtibQur
Copy link
Contributor Author

AtibQur commented Dec 17, 2024

@alexp-sssup for some reason I keep getting Error: cannot setup namespace using newuidmap: exit status 1.

This happens when I'm using: podman run --rm -it --userns=keep-id alpine to start a podman container with user namespace even though uidmap is already installed on my system.
Do you have any idea/experience how to deal with this or how to test it in another way?

@alexp-sssup
Copy link
Member

I have never seen this error and I think --userns=keep-id is not correct, I certainly did never use it

@AtibQur
Copy link
Contributor Author

AtibQur commented Dec 19, 2024

@alexp-sssup I've been testing changes to /etc/subgid while running podman containers to see how group IDs are mapped. The changes are working as expected for /etc/subgid.
I was wondering if I need to also write about changing /etc/subuid to ensure proper mapping for both UIDs and GIDs

@alexp-sssup
Copy link
Member

@alexp-sssup I've been testing changes to /etc/subgid while running podman containers to see how group IDs are mapped. The changes are working as expected for /etc/subgid. I was wondering if I need to also write about changing /etc/subuid to ensure proper mapping for both UIDs and GIDs

We know there are practical problems required GID mapping for Debian, but we don't know any real world problems with UIDs. To avoid confusing people it's better not to talk about things that are not needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GabrielaReyna GabrielaReyna Awaiting requested review from GabrielaReyna GabrielaReyna is a code owner

@alexp-sssup alexp-sssup Awaiting requested review from alexp-sssup

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AtibQur @alexp-sssup