> I am trying to modify OpenWrt and its podman package to allow users
> other than root to manage containers on that system.
>
> I have made some progress, including working through some "bugs" in
> podman and the OpenWrt packages:
>
> https://github.com/containers/podman/issues/9687
> https://github.com/containers/storage/pull/851
> https://github.com/openwrt/packages/pull/15673
>
> A summary of my work so far exists at
> https://github.com/openwrt/packages/issues/15096.
>
> There are two things I do not yet understand, so I am looking for a
> summary of how these things work or some recommended reading regarding
> them.
>
> (1) Non-root users cannot write to /sys/fs/cgroup/*. I am not sure how to
> safely handle this, and I have not yet figured out how other distributions
> do it. Does a privileged agent exist that performs the updates to
> /sys/fs/cgroup that are necessary to setup a container?
>
> (2) Running "podman run ..." wants to mount /proc and so on in the
> container. This fails when run as non-root with "mounting '/proc' to
> rootfs at '/proc' caused: operation not permitted." Again, I am not sure
> what performs these privileged operations on other distributions.
>
[...]
It would probably be better to deal with this as issues rather than as
email.
On issue 1, are you using cgroupv2? Or cgroupv1, which will never be
allowed.
Issue 2, I don't understand what you are trying to do. Let's continue inside
of issues.
Thank you, Dan. Please see:
https://github.com/containers/podman/issues/10713
--
Mike
:wq