On 9/15/20 5:05 PM, Reinhard Tartler wrote:
I think this is the relevant error message. May I ask a couple of questions:
1. Did this work with an earlier verison of podman, i.e., is this a
regression? What version worked for you before?
No, I didn't try an earlier version of podman. I just found out that there
is a native podman available.
2. Does the problem go away after a reboot?
No.
3. Does the command 'unshare -nr id' work for you?
Yes:
% unshare -nr id
uid=0(root) gid=0(root) groups=0(root),65534(nogroup)
% id -a
uid=1000(harri) gid=1000(harri)
groups=1000(harri),4(adm),6(disk),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),44(video),46(plugdev),50(staff),107(haldaemon),108(powerdev),111(mythtv),112(netdev),119(kvm),123(wireshark),124(fuse),136(sbuild),999(docker)
And no, docker is not installed. It was.
4. Did you read the file /usr/share/doc/podman/README.Debian, in
particular the parts "User Namespaces" and "Troubleshooting rootless mode"?
I did, but they are no help. I don't run a Debian kernel, i.e. there
is no sysctl kernel.unprivileged_userns_clone to be set. CONFIG_USER_NS
is enabled. And AFAIR it is common practice to define default subuid
and subgid ranges as a fallback (at least for Docker).
I think there is a misunderstanding: The problem is not the error,
but the error *message*. Can you do without complaining about bad
HTTP code and URLs that don't work? Surely they don't give a hint
about what is wrong. They are just distracting.
Thanx very much
Harri
