UID/GID errors when launching dock-droid image

[ralmond]

I'm trying to launch docker.io/sickcodes/dock-droid:latest on Pop_OS 22.04 with podman 3.4.4. I'm getting the following error:

$ docker run -it     --device /dev/kvm     -v /tmp/.X11-unix:/tmp/.X11-unix     -e "DISPLAY=${DISPLAY:-:0.0}"     -p 5555:5555     docker.io/sickcodes/dock-droid
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Trying to pull docker.io/sickcodes/dock-droid:latest...
[snip blob copying]
Error: writing blob: adding layer with blob "sha256:737951ef135522efba7bed8ee87e3d49e44a3b63120c7df4e4e4d821a48c6ecc": Error processing tar file(exit status 1): potentially insufficient UIDs or GIDs available in user namespace (requested 1000:1000 for /home/arch): Check /etc/subuid and /etc/subgid: lchown /home/arch: invalid argument

By the by, /etc/subuid and /etc/subgid are both empty.

Looking at a tip I found online, I added the --storage-opt ignore_chown_errors=true to the command. This gave me a related error:

$ podman --storage-opt ignore_chown_errors=true run -it     --device /dev/kvm     -v /tmp/.X11-unix:/tmp/.X11-unix     -e "DISPLAY=${DISPLAY:-:0.0}"     -p 5555:5555     docker.io/sickcodes/dock-droid
Trying to pull docker.io/sickcodes/dock-droid:latest...
Getting image source signatures
[snip]
Writing manifest to image destination
Storing signatures
Error: OCI runtime error: runc create failed: unable to start container process: unable to setup user: invalid argument

Googling that error message seems to indicate that it is related UID mapping, so I think the two issues are related.

For reference:

$ podman info
host:
  arch: amd64
  buildahVersion: 1.23.1
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: 'conmon: /usr/bin/conmon'
    path: /usr/bin/conmon
    version: 'conmon version 2.0.25, commit: unknown'
  cpus: 12
  distribution:
    codename: jammy
    distribution: pop
    version: "22.04"
  eventLogger: journald
  hostname: cherry
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
  kernel: 6.1.11-76060111-generic
  linkmode: dynamic
  logDriver: journald
  memFree: 1286414336
  memTotal: 33600307200
  ociRuntime:
    name: runc
    package: 'runc: /usr/sbin/runc'
    path: /usr/sbin/runc
    version: |-
      runc version 1.1.0-0ubuntu1.1
      spec: 1.0.2-dev
      go: go1.18.1
      libseccomp: 2.5.3
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: 'slirp4netns: /usr/bin/slirp4netns'
    version: |-
      slirp4netns version 1.0.1
      commit: 6a7b16babc95b6a3056b33fb45b74a6f62262dd4
      libslirp: 4.6.1
  swapFree: 7604273152
  swapTotal: 21474299904
  uptime: 53h 14m 56.37s (Approximately 2.21 days)
plugins:
  log:
  - k8s-file
  - none
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries: {}
store:
  configFile: /home/ralmond/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/ralmond/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 1
  runRoot: /run/user/1000/containers
  volumePath: /home/ralmond/.local/share/containers/storage/volumes
version:
  APIVersion: 3.4.4
  Built: 0
  BuiltTime: Wed Dec 31 19:00:00 1969
  GitCommit: ""
  GoVersion: go1.17.3
  OsArch: linux/amd64
  Version: 3.4.4

Thanks for any suggestions.