Replies: 1 comment
-
Take a look at https://github.com/containers/buildah/blob/main/contrib/buildahimage/Containerfile. You need to setup a user account to run the container in, and you have to provide sufficient UIDs and GIDs in /etc/subuid and /etc/subgid to run the container with. The container must have CAP_SETUID and CAP_SETGID of the current User Namespace to work. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
Running into permissions issues on a rootless bud build on ubuntu 22.04
Steps to reproduce the issue:
Describe the results you received:
WARN[0000] error running newgidmap: exit status 1: newgidmap: write to gid_map failed: Operation not permitted WARN[0000] falling back to single mapping WARN[0000] error running newuidmap: exit status 1: newuidmap: write to uid_map failed: Operation not permitted WARN[0000] falling back to single mapping STEP 1/2: FROM ubuntu:22.04 Resolved "ubuntu" as an alias (/etc/containers/registries.conf.d/shortnames.conf) Trying to pull docker.io/library/ubuntu:22.04... Getting image source signatures Copying blob 5e8117c0bd28 done error creating build container: writing blob: adding layer with blob "sha256:5e8117c0bd28aecad06f7e76d4d3b64734d59c1a0a44541d18060cd8fba30c50": Error processing tar file(exit status 1): potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/gshadow): Check /etc/subuid and /etc/subgid: lchown /etc/gshadow: invalid argument ERRO[0004] exit status 125
Describe the results you expected:
STEP 1/2: FROM ubuntu:22.04 STEP 2/2: ENTRYPOINT ["/bin/bash"] COMMIT Getting image source signatures Copying blob 8ceb9643fb36 skipped: already exists Copying blob 5f70bf18a086 [--------------------------------------] 0.0b / 0.0b Copying config 8be8aeff0a done Writing manifest to image destination Storing signatures --> 8be8aeff0a2 8be8aeff0a271bbe7cd13ac2e8f353c0693e811d7e7827b8b87f997868d0b7d2
Output of
rpm -q buildah
orapt list buildah
:Output of
buildah version
:Output of
podman version
if reporting apodman build
issue:Output of
cat /etc/issue
:Output of
uname -a
:Output of
cat /etc/containers/storage.conf
:I am trying to build a container within a container without root. I have spent days and tried numerous things to get this to work without root. If I use
sudo buildah bud .
then I get the image as expected. Guidance would be appreciated.Beta Was this translation helpful? Give feedback.
All reactions