Fixing podman: ERRO[0000] running newuidmap: write to uid_map failed: Invalid argument

https://github.com/containers/podman/discussions/23861
https://github.com/containers/podman/discussions/11217

Error symptoms

processing tar file

Getting image source signatures
Copying blob c6a83fedfae6 done   | 
Error: copying system image from manifest list: writing blob: adding layer with blob "sha256:...":
    processing tar file(potentially insufficient UIDs or GIDs available in user namespace (requested 0:42 for /etc/shadow):
        Check /etc/subuid and /etc/subgid if configured locally and run "podman system migrate": lchown /etc/shadow: invalid argument): exit status 1

newuidmap

ERRO[0000] running /usr/bin/newuidmap 2711552 0 1000 1 1 100000 65536 65537 100000 65537: newuidmap: write to uid_map failed: Invalid argument
Error: cannot set up namespace using "/usr/bin/newuidmap": should have setuid or have filecaps setuid: exit status 1

User UID/GID not set

ERRO[0000] cannot find UID/GID for user n: no subuid ranges found for user "n" in /etc/subuid - check rootless mode in man pages.
WARN[0000] Using rootless single mapping into the namespace. This might break some images. Check /etc/subuid and /etc/subgid for adding sub*ids if not using a network user

Solution

sudo touch /etc/subuid /etc/subgid
op=add
sudo usermod --$op-subuids 100000-200000 --$op-subgids 100000-200000 $(whoami)
# echo -n | sudo tee /etc/subuid /etc/subgid

sudo chmod 0755 /usr/bin/newuidmap /usr/bin/newgidmap

vim ~/.config/containers/storage.conf

Add these 2 lines:

[storage.options.overlay]
ignore_chown_errors = "true"

Output

❯ podman run --rm alpine echo "Hello, Podman"

WARN[0000] Additional gid=1 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=2 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=3 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=4 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=6 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=10 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=11 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=20 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=26 is not present in the user namespace, skip setting it 
WARN[0000] Additional gid=27 is not present in the user namespace, skip setting it 
Hello, Podman
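
A read-only check for the two causes visible in the errors above, as an added example that is not part of the original post. The logged newuidmap arguments map two ranges that both start at host ID 100000, and the kernel rejects overlapping uid_map ranges with "Invalid argument"; separately, newuidmap and newgidmap need either the setuid bit or file capabilities, and a numeric chmod 0755 leaves no setuid bit. The function names subid_status and helper_status are assumptions made for this sketch.

```shell
#!/bin/sh
# Added diagnostic sketch, not from the original post. It only reads files.

# subid_status FILE USER [UID] -> prints: missing | overlap | ok
# Entries in /etc/subuid and /etc/subgid are "name-or-uid:start:count".
subid_status() {
    [ -r "$1" ] || { echo missing; return 0; }
    awk -F: -v u="$2" -v id="${3:-}" '
        BEGIN { n = 0 }
        ($1 == u || (id != "" && $1 == id)) && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
            lo[n] = $2 + 0; hi[n] = $2 + $3 - 1; n++
        }
        END {
            if (n == 0) { print "missing"; exit }
            # Two ranges overlap when each one starts before the other ends.
            for (i = 0; i < n; i++)
                for (j = i + 1; j < n; j++)
                    if (lo[i] <= hi[j] && lo[j] <= hi[i]) { print "overlap"; exit }
            print "ok"
        }' "$1"
}

# helper_status PATH -> prints: missing | setuid | filecaps | unprivileged
# "unprivileged" corresponds to the error
# "should have setuid or have filecaps setuid".
helper_status() {
    [ -e "$1" ] || { echo missing; return 0; }
    if [ -u "$1" ]; then echo setuid; return 0; fi
    # getcap (libcap tools) may not be installed; then caps cannot be confirmed.
    if command -v getcap >/dev/null 2>&1 &&
       getcap "$1" 2>/dev/null | grep -Eq 'cap_set[ug]id'; then
        echo filecaps; return 0
    fi
    echo unprivileged
}

# Report for the current user and the standard helper paths.
me=$(id -un); myuid=$(id -u)
for f in /etc/subuid /etc/subgid; do
    echo "$f: $(subid_status "$f" "$me" "$myuid")"
done
for h in /usr/bin/newuidmap /usr/bin/newgidmap; do
    echo "$h: $(helper_status "$h")"
done
```

An "overlap" result means the user has duplicate or intersecting lines that should be reduced to one range before running "podman system migrate".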

References

https://unix.stackexchange.com/questions/689175/podman-errors-on-tar-with-potentially-insufficient-uids-or-gids-available-in-use
https://github.com/containers/podman/blob/main/vendor/github.com/containers/storage/storage.conf
https://podmancn.pages.dev/docs/tutorials/rootless_tutorial#安装-podman
https://github.com/containers/podman/issues/12715

posted @ 2024-09-04 11:07  Nolca