On 7/27/22 00:41, Robin Lee Powell wrote:
> I think I followed that.
> In both cases, though, I'd still need the --uidmap on the exim
> container to map container user 93 to my local UID, yes?

I could be wrong, I'm not an expert in these things and your setup is
complex. I think that perhaps the local UID doesn't matter. What
matters is coordinating the mapping across all the containers, so they
all have the same "view". Otherwise the UID/GIDs of files/directories
in your (presumably shared) volume-mounts won't line up. Though...if
you're not sharing any volumes between the containers, then I s'pose
this doesn't apply.

The point is, as long as you're running rootless, the actual mapping
values on the host shouldn't matter (assuming the containers are happy
with their user namespace). If you need to pass --uidmap in at runtime
to make the containers happy (depending on how the images are built),
it's okay, but if you can avoid it entirely, that's probably going to
result in easier maintenance and updates.
--
Chris Evich (he/him), RHCA III
Senior Quality Assurance Engineer
My personal robot overlord told me to include this signature line.
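
The point above about containers sharing a volume needing the same "view" can be modelled directly. This is an added example, not part of the original message: it translates a file owner's UID through one container's `--uidmap` triples (`container_id:outer_id:size`) and back through another's. The three maps and the helper names are constructed for illustration, and "outer" means whatever namespace the second field of the triple refers to.

```python
# Added example: model of ID translation through --uidmap triples.
# All maps below are constructed sample values, not taken from the thread.
OVERFLOW_UID = 65534  # kernel default owner shown for IDs that have no mapping

def parse_uidmap(specs):
    """Turn 'container_id:outer_id:size' strings into integer triples."""
    return [tuple(int(part) for part in spec.split(":")) for spec in specs]

def to_outer(maps, cuid):
    """Container UID -> outer UID, or None if the container UID is unmapped."""
    for c_start, o_start, size in maps:
        if c_start <= cuid < c_start + size:
            return o_start + (cuid - c_start)
    return None

def to_container(maps, outer):
    """Outer UID -> container UID, or None if no range covers it."""
    for c_start, o_start, size in maps:
        if o_start <= outer < o_start + size:
            return c_start + (outer - o_start)
    return None

def seen_as(writer_maps, reader_maps, cuid):
    """UID the reader container shows for a file created by cuid in the writer."""
    outer = to_outer(writer_maps, cuid)
    if outer is None:
        raise ValueError(f"UID {cuid} is not mapped in the writing container")
    inner = to_container(reader_maps, outer)
    return OVERFLOW_UID if inner is None else inner

# Hypothetical exim container: container user 93 is swapped onto outer ID 0.
EXIM_MAP = parse_uidmap(["0:1:93", "93:0:1", "94:94:1000"])
# Hypothetical second container using a plain identity map.
IDENTITY_MAP = parse_uidmap(["0:0:1094"])
# Hypothetical third container with a much smaller mapped range.
SMALL_MAP = parse_uidmap(["0:0:50"])

if __name__ == "__main__":
    readers = {"exim": EXIM_MAP, "identity": IDENTITY_MAP, "small": SMALL_MAP}
    for writer_uid in (0, 93, 100):
        for name, reader in readers.items():
            shown = seen_as(EXIM_MAP, reader, writer_uid)
            print(f"file written by exim UID {writer_uid} -> {name} sees UID {shown}")
```

With identical maps on both sides the owner round-trips unchanged; with differing maps the same file shows a different owner in each container, or the overflow UID where the reader has no range covering it.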