coreos / butane

Butane translates human-readable Butane Configs into machine-readable Ignition Configs.
https://coreos.github.io/butane/
Apache License 2.0

Unable to automatically set up `/etc/subuid` and `/etc/subgid` for new user #494

Open mogeko opened 1 year ago

mogeko commented 1 year ago

I'm using Butane to deploy a Fedora CoreOS.

I want to create a non-privileged user (nonroot) specifically to run the Podman container.

But it seems that Butane did not set `/etc/subuid` and `/etc/subgid` for him:

```yaml
variant: fcos
version: 1.5.0

passwd:
  groups:
    - name: nonroot
      gid: 65532
  users:
    - name: mogeko
      gecos: Mogeko
      ssh_authorized_keys:
        - ssh-rsa ...
      groups:
        - wheel
        - sudo
    - name: nonroot
      gecos: Unprivileged User
      uid: 65532
      primary_group: nonroot
      no_log_init: true
      shell: /sbin/nologin

# ...
```
```console
$ id
uid=1001(mogeko) gid=1001(mogeko) groups=1001(mogeko),10(wheel),16(sudo) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ sudo --user=nonroot id
uid=65532(nonroot) gid=65532(nonroot) groups=65532(nonroot) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ cat /etc/subuid
core:524288:65536
mogeko:589824:65536

$ cat /etc/subgid
core:524288:65536
mogeko:589824:65536
```
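A provisioning check for the condition reported above, as an added example that is not part of the issue or of Butane: it parses `owner:start:count` lines, lists accounts with no subordinate range, flags overlapping ranges, and computes the first start past all existing ranges. The function names, the user list and the `floor` value passed in are assumptions made for illustration; the sample content is copied from the output above.

```python
"""Audit subordinate-ID files (owner:start:count per line), as in subuid(5)."""
from typing import NamedTuple

# Constructed sample: the /etc/subuid content shown in the report above.
SAMPLE_SUBUID = "core:524288:65536\nmogeko:589824:65536\n"

class SubidRange(NamedTuple):
    owner: str
    start: int
    count: int

def parse_subid(text):
    """Parse file content into ranges; reject malformed lines instead of skipping them."""
    ranges = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.strip().split(":")
        if len(parts) != 3 or not parts[0]:
            raise ValueError(f"line {lineno}: expected owner:start:count")
        start, count = int(parts[1]), int(parts[2])
        if start < 0 or count <= 0:
            raise ValueError(f"line {lineno}: invalid range")
        ranges.append(SubidRange(parts[0], start, count))
    return ranges

def missing_owners(users, ranges):
    """Accounts with no range at all: no subordinate IDs are available to them."""
    have = {r.owner for r in ranges}
    return [u for u in users if u not in have]

def overlaps(ranges):
    """Pairs of ranges sharing at least one ID (two owners would map the same host ID)."""
    ordered = sorted(ranges, key=lambda r: r.start)
    bad = []
    for i, a in enumerate(ordered):
        for b in ordered[i + 1:]:
            if b.start >= a.start + a.count:
                break  # sorted by start, so no later range can overlap `a`
            bad.append((a, b))
    return bad

def next_free_start(ranges, floor):
    """Lowest start at or above `floor` (assumed policy minimum) past every range."""
    return max([floor] + [r.start + r.count for r in ranges])

if __name__ == "__main__":
    r = parse_subid(SAMPLE_SUBUID)
    print(missing_owners(["core", "mogeko", "nonroot"], r), overlaps(r),
          next_free_start(r, 524288))
```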