rootlesskit icon indicating copy to clipboard operation
rootlesskit copied to clipboard
verified publisher icon rootless-containers

failed to setup UID/GID map - subuid / subgid

Open idesk2596 opened this issue 4 years ago • 3 comments

Hi,

Until The glibc nss name service switch mechanism have support for managing subuid and subgid mappings, we're managing those files with symlinks to nfs shares.

/etc/subuid -> /nfs/.../subuid /etc/subgid -> /nfs/.../subgid

it is working great with singularity, but trying to implement it with docker-rootless (which use rootlesskit) we get this error:

$ rootlesskit bash [rootlesskit:parent] error: failed to setup UID/GID map: newuidmap 81751 [0 11737 1 1 4294836224 65536] failed: : exit status 1

it works if /etc/subuid and /etc/subgid were set as a regular files. Trying to work this out on a large HPC node scale.

can you support this?

Thanks, Kobe

idesk2596 avatar Jun 27 '21 13:06 idesk2596

?

idesk2596 avatar Sep 09 '21 07:09 idesk2596

This is probably an issue of newuidmap/newuidmap, and probably they prohibit symlinking on purpose

AkihiroSuda avatar Sep 09 '21 07:09 AkihiroSuda

singularity use newuidmap as well with its --fakeroot functionality and it's working well when these files are symlinks.. this is why i wonder..

idesk2596 avatar Sep 09 '21 09:09 idesk2596