[Podman] Re: Rootless podman - access to volume (host directory mount) owned by different user

On 2/9/21 09:43, Chris Evich wrote: > On 2/9/21 8:19 AM, geert(a)kobaltwit.be wrote: > >> Ah, that works. Thanks! >> >> >> >> One follow-up question: with the annotation set I can access the >> directory even though the group is still named "nobody". That's a bit >> confusing. Is there a way to display the real gid as well ? > > > > > I believe the only way around that would be to use --gidmap or > --subgitname [podman run] flags with a 1-gid wide "map". For example, > `--gidmap=1001:$(id -g shared):1` so the host's "shared" GID is mapped > to the GID 1001 (from your Dockerfile). > > Yes the issue is that the group is not mapped into the current user namespace, so the kernel reports it as `nobody`. Their is little we can do about it.