1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
User Namespaces
===============
Buildah requires a Linux Kernel with userspaces enabled. Debian
Kernels have that functionality, but the local system administrator
needs to enable it manually, with a command like this:
sudo sysctl -w kernel.unprivileged_userns_clone=1
-- Reinhard Tartler <siretart@tauware.de>, Mon, 21 Oct 2019 17:57:44 -0400
Troubleshooting rootless mode
=============================
> Error processing tar file(exit status 1): there might not be enough IDs
> available in the namespace (requested 0:42 for /etc/gshadow):
> lchown/etc/gshadow: invalid argument
This probably means that _subuid_ range is not defined in the "/etc/subuid"
file. On up-to-date system subuid/subgid ranges are automatically assigned
when a new user is added (e.g. `adduser {USER}`) but on systems upgraded
from prior Debian releases {USER} created in old environment before upgrade
may not have _subuid_ mapping.
"usermod" command have "--add-subuids" and "--add-subgids" options but it
does not check "/etc/login.defs" for ranges.
An awkward solution may be to add a new temporary user, apply her ranges to
{USER} (in "/etc/subuid" and in "/etc/subgid") then remove a temporary user
(e.g. `deluser --remove-home {USER}`).
The following command show the subuids and subgids of the current user:
cat /etc/s*id|grep $USER
|
