Open shevelevs opened 2 years ago
lchown /run/user/1000/containerd-mount843278575/run/lock/lockdev: invalid argument\n"
This chown fails because you don’t have subuids. (And you can’t get subuids with no-new-privileges mode.) Probably we should have an option to ignore the chown error and set xattr instead.
https://github.com/rootless-containers/proto
https://github.com/rootless-containers/subuidless
When running buildkit with
unshare -U -r -m buildkitd ...
the builds are erroring out. The same setup doesn't fail when run by rootlesskit. We can't use rootlesskit because it's executing new[gu]idmap, which requires SET[GU]ID capabilities on the file, which is not working with the no-new-privileges docker option. Is there anything missing in the unshare above that buildkit needs?
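The failure mode named in the reply above, as an added example that is not part of the original thread or of buildkit: it parses uid_map/gid_map contents and reports which layer entries have an owner with no mapping in the namespace, which is the case where the kernel rejects lchown with EINVAL. The two maps, the gid 54 ownership and all function names are constructed assumptions for illustration.

```python
from typing import List, Optional, Tuple

Extent = Tuple[int, int, int]  # (first ID inside ns, first ID outside ns, count)

# Constructed sample maps, in the format of /proc/<pid>/uid_map and gid_map.
# SINGLE_ID is what "unshare -U -r" produces for host uid 1000: one ID, no subuids.
SINGLE_ID = "         0       1000          1\n"
# WITH_SUBIDS is the shape new[gu]idmap writes when a subuid range is available.
WITH_SUBIDS = "         0       1000          1\n         1     100000      65536\n"

# Constructed layer entries: (path, uid, gid). The gid 54 is an assumption.
OWNERS = [("etc/passwd", 0, 0), ("run/lock/lockdev", 0, 54)]


def parse_id_map(text: str) -> List[Extent]:
    """Parse the three-column extents of a uid_map or gid_map file."""
    extents = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        extents.append(tuple(int(f) for f in fields))
    return extents


def to_host_id(extents: List[Extent], inside_id: int) -> Optional[int]:
    """Translate an in-namespace ID to the host ID, or None if unmapped."""
    for inside, outside, count in extents:
        if inside <= inside_id < inside + count:
            return outside + (inside_id - inside)
    return None


def unmapped_owners(uid_map: str, gid_map: str, owners):
    """Return the entries whose uid or gid has no mapping (lchown -> EINVAL)."""
    uids, gids = parse_id_map(uid_map), parse_id_map(gid_map)
    return [(path, uid, gid) for path, uid, gid in owners
            if to_host_id(uids, uid) is None or to_host_id(gids, gid) is None]


if __name__ == "__main__":
    # Check the namespace this process is actually running in.
    with open("/proc/self/uid_map") as u, open("/proc/self/gid_map") as g:
        for entry in unmapped_owners(u.read(), g.read(), OWNERS):
            print("lchown would fail for", entry)
```

Run inside the namespace that starts buildkitd, it lists the sample entries that cannot be chowned there.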