By default, the current order prefers docker/podman over apptainer/singularity; however, this tends to lead to issues on systems that have both apptainer and a restricted, rootless podman installed. The installed podman has a ID restriction preventing it from running some images. (More detail printout below)
My general idea is to, at minimum, have denv prefer apptainer/singularity as a proxy for a test on if podman is restricted or not. I could also investigate the addition of a prompt for the user to choose the runner they wish to use and then write that runner into the config (or maybe a user config in ~/.config?). This is somewhat tied with #93 since having a check function that actually shows which runner will be used by denv will be helpful for testing a more complicated deduction procedure.
I've seen this on SLAC's S3DF and JLab's ifarm.
$ podman run --rm hello-world
!... Hello Podman World ...!
.--"--.
/ - - \
/ (O) (O) \
~~~| -=(,Y,)=- |
.---. /` \ |~~
~/ o o \~~~~.----. ~~
| =(X)= |~ / (O (O) \
~~~~~~~ ~| =(Y_)=- |
~~~~ ~~~| U |~~
Project: https://github.com/containers/podman
Website: https://podman.io
Desktop: https://podman-desktop.io
Documents: https://docs.podman.io
YouTube: https://youtube.com/@Podman
X/Twitter: @Podman_io
Mastodon: @Podman_io@fosstodon.org
$ podman image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
quay.io/podman/hello latest b1c06f48960c 4 days ago 1.7 MB
$ podman pull busybox:latest
Resolved "busybox" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/busybox:latest...
Getting image source signatures
Copying blob 7b2699543f22 done
Error: writing blob: adding layer with blob "sha256:7b2699543f22d5b8dc8d66a5873eb246767bca37232dee1e7a3b8c9956bceb0c": Error processing tar file(exit status 1): potentially insufficient UIDs or GIDs available in user namespace (requested 65534:65534 for /home): Check /etc/subuid and /etc/subgid if configured locally and run podman-system-migrate: lchown /home: invalid argument
$ podman image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
quay.io/podman/hello latest b1c06f48960c 4 days ago 1.7 MB
By default, the current order prefers docker/podman over apptainer/singularity; however, this tends to lead to issues on systems that have both apptainer and a restricted, rootless podman installed. The installed podman has a ID restriction preventing it from running some images. (More detail printout below)
My general idea is to, at minimum, have
denvprefer apptainer/singularity as a proxy for a test on if podman is restricted or not. I could also investigate the addition of a prompt for the user to choose the runner they wish to use and then write that runner into the config (or maybe a user config in~/.config?). This is somewhat tied with #93 since having a check function that actually shows which runner will be used by denv will be helpful for testing a more complicated deduction procedure.I've seen this on SLAC's S3DF and JLab's ifarm.