Hi folks,

My storage config looks like:

# /etc/containers/storage.conf
[storage]
driver = "overlay"
graphroot = "/custom/path/root/data"
rootless_storage_path = "/custom/path/$USER/data"
runroot = "/run/containers/storage"

And I have "service" users (that are not supposed to be used as normal users) with such config:

# /etc/passwd
foobar:x:5000:100::/var/empty:/usr/sbin/nologin

I can run a container like this:

su foobar
podman run -d docker.io/library/debian:bookworm sleep infinity

but I can't import a container and run it:

podman load < /tmp/image.tar.gz
podman image ls
podman run -d 9ff9136eaaab sleep infinity
Error: mkdir /var/empty/.cache: operation not permitted

Testing this as a "normal" user (user with writable home directory) I noticed that Podman creates the following file:

ls -lA .cache/containers/short-name-aliases.conf.lock
-rw-r--r-- 1 me users 0 Dec  3 16:45 .cache/containers/short-name-aliases.conf.lock

Obviously that can't work with a "service" user since it doesn't have a writable home.

Could you please advise whether this is a bug? Should I create an issue on GitHub?

Thank you.

Hans