[Podman] Re: Execute command on exit (?)

Hello there, Thank you for the pointers. I tried using :U (with Z - :U,Z) and that didn't do the trick. I also tried using --userns=keep-id, and that also didn't work. I tried following https://github.com/containers/podman/blob/main/troubleshooting.md#33-cont... and I must admit, while the sample works, I don't understand it enough to translate it to my use case (and it is quite unwieldy). I have a really hard time wrapping my head around what is going on with --uidmap 2003:0:1 (set the user inside the container to map to uid 0 (root?) on the host ?) and another --uidmap 2004:2004:65536 (set the user 20004 onwards to map to uid 2004 on the host)? This is the exact container/volume that I'm having trouble with: $ mkdir gogs $ podman run -v ./gogs:/data docker.io/gogs/gogs The user `git` inside the container has uid 1000, and is mapped to uid 100999 outside the container. In the end, ./gogs is owned by 100999. ------- Original Message ------- On Wednesday, February 16th, 2022 at 4:19 PM, Erik Sjölund <erik.sjolund(a)gmail.com&gt; wrote: > I wrote two troubleshooting tips that describes how --uidmap and > > --gidmap can be used to handle situations like that: > > https://github.com/containers/podman/blob/main/troubleshooting.md#34-pass... > > https://github.com/containers/podman/blob/main/troubleshooting.md#33-cont... > > Another alternative is to use the volume option ":U". > > Quote > > "The :U suffix tells Podman to use the correct host UID and GID based > > on the UID and GID within the container, to change recursively the > > owner and group of the source volume." > > from > > https://docs.podman.io/en/latest/markdown/podman-run.1.html#volume-v-sour... > > If you can use --uidmap and --gidmap (or --userns=keep-id), you > > probably don't need to run chown or use ":U". > > Regards, > > Erik Sjölund > > On Tue, Feb 15, 2022 at 10:15 PM Prafulla Giri via Podman > > podman(a)lists.podman.io wrote: > > > Hello there, > > > > I have bind-mounted a local dir inside a container. Once the container is closed the directory permissions are > > > > changed to a subuid and I have to run `podman unshare chown -R 0:0 /path/to/dir` manually if I want to do anything > > > > with the bind-mounted directory. I was wondering if there is a method whereby a container (or a pod) could be configured > > > > to do this automatically? I'd be glad to know about it (or any other ways to get around this minor issue). > > > > Thank you. > > > > Podman mailing list -- podman(a)lists.podman.io > > > > To unsubscribe send an email to podman-leave(a)lists.podman.io > > Podman mailing list -- podman(a)lists.podman.io > > To unsubscribe send an email to podman-leave(a)lists.podman.io