Thursday January 5 2023

Rootless Podman on Alpine Linux

While it doesn’t work out of the box, setup is failry straightforward:

# apk add podman buildah
# rc-update add cgroups default
# /etc/init.d/cgroups start

Then run this script to setup the sbustitute UID and GIDs:

#!/bin/sh
set -e
# Order of users is important, changing it later can cause headaches
_users="bob
sally
mitch"

IFS='
'

printf "" > /etc/subuid
printf "" > /etc/subgid

uids=65537

n=1
for _user in $_users ; do

echo "$_user:$(( ( n * uids ) + 1 )):$(( ( n * uids ) + uids ))" \
| tee -a /etc/subgid >> /etc/subuid

n=$((n+1))

done

Replacing the _users variable with users of your own users, of course.

You could also reduce uids, if you want less user IDs to be allocated for each user.

UIDs are 32 bit integers on Linux these days, you have as many UIDs as there are IPv4 addresses. ( That is, a bit over four billion )