Comment on Rootless Containers with Podman
lambalicious@lemmy.sdf.org 3 days ago
It’s pretty great, and I like that the workflow for creating containers is sliiiightly easier than on Docker. I switched from Docker to Podman for most stuff about a year ago and so far there are only two hiccups that I lament:
- the higher disk consumption due to not being able to share image storage. (I’ve tried with `additionalstorages` but that seems to only be respected for podman run; podman build and podman compose seem to ignore it and always pull images from the registries)
- Some annoying issues with file permissions due to rootless design - running rootless containers will create files under your user storage that you as a user have no permission to transfer or remove for cleanup or security, and severely breaks the output of tools like `du` or `find` due to error spammage.
Jayjader@jlai.lu 3 days ago
In case you omitted the following out of ignorance and not by deliberate choice:
`podman unshare` can be used to (mostly) painlessly access the files created by rootless podman.
lambalicious@lemmy.sdf.org 3 days ago
Oh thanks, I know well about it. `podman unshare` is the reason why those permission issues are not major (e.g.: you don’t need to ever sudo to solve the permission issues rootless causes, I think?). But my going to was more focused on borking the output or workflow of using some of the “usual” tools of a Linux console, such as needing to account for the potential existence of a podman environment on any given user account if you ever need to rely on the recursive results of things like chmod or find.
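An added example, not written by anyone in the thread: one way to account for rootless-container files during a recursive walk is to list the entries owned by one of the user's subordinate UIDs. It assumes the default rootless mapping (container UID 0 is the user, higher UIDs come from the `/etc/subuid` ranges in order); the sample subuid content and the function names are constructed for illustration.

```python
import os

# Constructed sample of /etc/subuid (format: name:first_subuid:count).
SAMPLE_SUBUID = "alice:100000:65536\nbob:165536:65536\n"

def parse_subuid(text, user):
    """Return the (start, count) subordinate UID ranges listed for `user`."""
    ranges = []
    for line in text.splitlines():
        if not line.strip():
            continue
        name, start, count = line.strip().split(":")
        if name == user:
            ranges.append((int(start), int(count)))
    return ranges

def host_to_container_uid(host_uid, user_uid, ranges):
    """Translate a host UID to the UID seen inside the user's namespace.

    Assumed default mapping: container UID 0 is the user, container UIDs
    1.. are filled from the subuid ranges in order. Returns None when the
    host UID is not mapped for this user.
    """
    if host_uid == user_uid:
        return 0
    offset = 1
    for start, count in ranges:
        if start <= host_uid < start + count:
            return offset + (host_uid - start)
        offset += count
    return None

def subuid_owned(root, user_uid, ranges):
    """Walk `root`; return (owned, unreadable).

    owned: (path, host_uid, container_uid) for entries owned by a
    subordinate UID. unreadable: paths the walk could not list or stat.
    """
    owned, unreadable = [], []
    walk = os.walk(root, onerror=lambda e: unreadable.append(e.filename))
    for dirpath, dirnames, filenames in walk:
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                uid = os.lstat(path).st_uid
            except OSError:
                unreadable.append(path)
                continue
            cuid = host_to_container_uid(uid, user_uid, ranges)
            if cuid:  # skips unmapped UIDs (None) and the user's own files (0)
                owned.append((path, uid, cuid))
    return owned, unreadable
```

The paths it reports are the ones that need `podman unshare` (mentioned above) to change or remove as the unprivileged user.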