karl(a)touchpoint.io writes:
Hi all.
I have created a system user on a host and I am trying to run the prometheus container
under this user. The prometheus container has been built to use `nobody` for user/group:
https://github.com/prometheus/prometheus/blob/master/Dockerfile
Which on my system is:
```
$ id nobody
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
```
But I am not able to pull this image:
```
prometheus@my-host:/home/my-user$ /usr/bin/podman run --rm --publish 9090:9090
--volume=/etc/prometheus:/etc/prometheus --storage-opt ignore_chown_errors
prom/prometheus:v2.15.2
Trying to pull docker.io/prom/prometheus:v2.15.2...
Getting image source signatures
Copying blob 777554bd8f5f done
Copying blob b1fd22a632bd done
Copying blob 0b9be5b44b0b done
Copying blob 0f8c40e1270f done
Copying blob 626a2a3fee8c done
Copying blob 2fa3c248a32e done
Copying blob 537aa55b0cd8 done
Copying blob 51148e52a043 done
Copying blob 764607aff129 done
Copying blob 340dd5e6b5d3 done
Copying blob 02800ddf4bd5 done
Copying blob 6fd47d0ba3e2 done
Copying config b715301fa5 done
Writing manifest to image destination
Storing signatures
ERRO[0005] Error while applying layer: ApplyLayer exit status 1 stdout: stderr: there
might not be enough IDs available in the namespace (requested 65534:65534 for /home):
lchown /home: invalid argument
ApplyLayer exit status 1 stdout: stderr: there might not be enough IDs available in
the namespace (requested 65534:65534 for /home): lchown /home: invalid argument
Error: unable to pull prom/prometheus:v2.15.2: 1 error occurred:
* Error committing the finished image: error adding layer with blob
"sha256:0f8c40e1270f10d085dda8ce12b7c5b17cd808f055df5a7222f54837ca0feae0":
ApplyLayer exit status 1 stdout: stderr: there might not be enough IDs available in the
namespace (requested 65534:65534 for /home): lchown /home: invalid argument
```
Note: The same error happens w/ and w/o the `--storage-opt ignore_chown_error` which I
picked up from
https://www.redhat.com/sysadmin/rootless-podman
while trying to understand/fix the error.
The user:
```
prometheus@my-host:/home/my-user$ whoami
prometheus
prometheus@my-host:/home/my-user$ id
uid=995(prometheus) gid=1008(prometheus) groups=1008(prometheus)
prometheus@my-host:/home/my-user$
```
The u/gid maps:
```
prometheus@my-host:/home/my-user$ cat /etc/subuid
lxd:100000:65536
root:100000:65536
my-user:165536:65536
prometheus:231072:65536
prometheus@my-host:/home/my-user$ cat /etc/subgid
lxd:100000:65536
root:100000:65536
my-user:165536:65536
prometheus:231072:65536
```
What am I missing?
To make sure the user namespace was created correctly, what does
`podman unshare cat /proc/self/uid_map` show?
If there is only one user available, please try to recreate it with
`podman system migrate`.
Thanks,
Giuseppe
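
The uid_map check suggested in the reply, as an added example that is not part of the original thread: it parses uid_map-format text (columns: first ID inside the namespace, first ID outside, range length) and reports whether the ID the layer requested, 65534, is mapped. The function names and both sample maps are constructed for illustration; the second sample assumes the `prometheus:231072:65536` entry from /etc/subuid has been picked up.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# map_lookup ID: reads uid_map/gid_map-format lines on stdin and prints the
# host ID that container ID maps to. Returns 1 if no range covers the ID.
map_lookup() {
    awk -v id="$1" '
        NF >= 3 && id + 0 >= $1 + 0 && id + 0 < $1 + $3 {
            print $2 + (id - $1); found = 1; exit
        }
        END { exit found ? 0 : 1 }
    '
}

# check_map ID MAPTEXT: human-readable verdict for one container ID.
check_map() {
    if host_id=$(printf '%s\n' "$2" | map_lookup "$1"); then
        echo "container ID $1 -> host ID $host_id"
    else
        echo "container ID $1 is not mapped; chown to it fails with 'invalid argument'"
        return 1
    fi
}

# Constructed sample: only the user's own UID (995) is mapped, i.e. the
# "only one user available" case from the reply.
SINGLE_MAP='         0        995          1'

# Constructed sample: the same user with the 65536-ID subordinate range
# from /etc/subuid applied (assumption: range starts at container ID 1).
FULL_MAP='         0        995          1
         1     231072      65536'

check_map 65534 "$SINGLE_MAP" || true
check_map 65534 "$FULL_MAP"

# Against the live namespace (requires podman, so not run here):
#   podman unshare cat /proc/self/uid_map | map_lookup 65534
#   podman unshare cat /proc/self/gid_map | map_lookup 65534
```

The image requests 65534:65534, so the same lookup has to succeed against gid_map as well as uid_map.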