Re: [libvirt PATCHv1 8/8] docs: virtiofs: add section about ID remapping

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On a Tuesday in 2023, Daniel P. Berrangé wrote:
On Tue, Sep 12, 2023 at 04:05:04PM +0200, Ján Tomko wrote:
On a Monday in 2023, Daniel P. Berrangé wrote:
> I would expect libvirt to "do the right thing" and automatically load
> the /etc/subuid data for the current user and NOT require any extra
> XML mapping to be set for unprivileged usage.
>

So, by default libvirt would assume that unprivileged
accessmode='passthrough' means "use the whole range for my user
from /etc/subuid"?

Podman treats /etc/subuid as a pool and chooses a 64K range that is
(to its knowledge) unused. I'm undecided whether that would also be
a reasonable option for a default.

I thought podman simply used the entry that is in /etc/subuid
as is:

D'oh. Right. By default it uses --userns=host, which behaves as you
describe.

What I described is --userns=auto behavior, suggested in the bug
discussion:
https://bugzilla.redhat.com/show_bug.cgi?id=2034630#c8

Jano


$ grep $LOGNAME /etc/subuid
berrange:165536:65536
$ podman  run -it centos:stream9 cat /proc/self/uid_map
        0       1001          1
        1     165536      65536


Maps "root" to my original unpriv login UID, and maps
everything else to the 64k IDs reserved in /etc/subuid


With regards,
Daniel
--
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux