Comment

I don’t run MicroOS myself so take this with a grain of salt. But this is usually how I do it, though there might be a better practice out there for this too.

Afaik, MicroOS by the sound of it, only ships with root by default, but rootless Podman should definitely be possible.

Normally, you need to set up user namespace mappings for your non-root user. Run these commands as root:

usermod --add-subuids 100000-165535 <yourusername>
usermod --add-subgids 100000-165535 <yourusername>

Then check they’re set up with:

grep <yourusername> /etc/subuid
grep <yourusername> /etc/subgid

This should give your regular user the ability to map container UIDs without needing root privileges. After that, Podman should work fine as your regular user.

Hope this helps a little 👍

source

Sort:hotnew top

nico198x@europe.pub ⁨5⁩ ⁨days⁩ ago
it does, thanks! i’m mostly really surprised that MicroOS hasn’t prepared all of this ahead of time for something that’s supposed to be a “ready for podman containers” install.

source
- oakcroissant@feddit.org ⁨5⁩ ⁨days⁩ ago
  This is what the Aeon maintainer said about root vs rootless in MicoOS:
  
  Since MicroOS is immutable and not meant to be changed then there’s no problem running everything as root; root can’t even write to the immutable parts of the OS
  
  The main benefits for Podman on MicroOS are very many while not including rootless. No daemon to crash and make containers unmanageable. Nicer dependency chain making it easier to keep up to date on TW. Support for kubes… and many more
  
  Source thread (Reddit)
  
  source
  - nico198x@europe.pub ⁨5⁩ ⁨days⁩ ago
    that’s great, thanks for sharing! yeah, i love to hear their thoughts on this, since i’m new to ALL of this, immutables and containers. so i want to hear what their design intention is.
    
    source