Hello,

I'm trying to switch from docker to rootless podman in a project.
Building the image was a simple change. But now I'm trying to
run it in a development setup, and encounter problems.

A directory tree from the host gets mounted into the container.
In the container, user IDs 0 and 1111 will write to the directory tree.
I'm looking for a way to map both of these IDs to my uid on the host,
if that's possible. Likewise with group IDs, but I guess those work
just the same as the user IDs.

I found plenty of examples where "podman run" is called with a
--uidmap argument that maps a range of uids to another range.
But I haven't been able to find an example where two --uidmap
arguments are given, to map two distinct uids to the same one.

My various attempts have led either to "permission denied"
or to "Error: Container ID 0 cannot be mapped to a host ID".
I'm not familiar with user namespaces or nested uid mappings.
There was a recent documentation update, but I cannot
figure out what that means for my scenario:
https://github.com/containers/podman/pull/8695/files

On the system where I'm starting the container, I have:
/etc/subuid:
rolweber:100000:65536
/etc/subgid:
rolweber:100000:65536

Maybe I can work around uid mapping altogether by
giving global write permission to the host directory.
It's in a single-user VM, so this would be acceptable.
But I'd rather avoid that, if there's a way to map the uids.

Any suggestions?

Thanks and cheers,
  Roland

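
The mapping asked about above, as an added example that is not part of the original message and is not podman's code: a small checker for --uidmap triples. It applies the user_namespaces(7) rule that the ranges in a uid map may not overlap on either side, and resolves container uids through the rootless intermediate namespace. Assumptions: the host uid 1000 is constructed (the message does not state it), the function names are hypothetical, and intermediate ID 0 is taken to be the user's own uid with 1 and up walking the /etc/subuid range.

```python
# Added illustration, not from the original post.
HOST_UID = 1000                              # assumption: the poster's uid is not stated
SUBUID_START, SUBUID_COUNT = 100000, 65536   # rolweber:100000:65536 from the post


def parse_uidmap(args):
    """Parse 'container_id:intermediate_id:size' strings, the --uidmap form."""
    maps = []
    for arg in args:
        cid, iid, size = (int(part) for part in arg.split(":"))
        if cid < 0 or iid < 0 or size < 1:
            raise ValueError(f"bad mapping {arg!r}")
        maps.append((cid, iid, size))
    return maps


def _overlap(a, a_len, b, b_len):
    return a < b + b_len and b < a + a_len


def check(maps):
    """List violations: ranges may not overlap on either side of the map."""
    problems = []
    for n, (c1, i1, s1) in enumerate(maps):
        if i1 + s1 > 1 + SUBUID_COUNT:
            problems.append(f"{c1}:{i1}:{s1} exceeds the IDs available to the user")
        for c2, i2, s2 in maps[n + 1:]:
            if _overlap(c1, s1, c2, s2):
                problems.append(f"container IDs overlap: {c1}+{s1} and {c2}+{s2}")
            if _overlap(i1, s1, i2, s2):
                problems.append(f"host-side IDs overlap: {i1}+{s1} and {i2}+{s2}")
    return problems


def host_uid(maps, container_uid):
    """Resolve a container uid to the real host uid, or None if unmapped."""
    for cid, iid, size in maps:
        if cid <= container_uid < cid + size:
            inter = iid + (container_uid - cid)
            # Intermediate 0 is the user's own uid; 1.. walk the subuid range.
            return HOST_UID if inter == 0 else SUBUID_START + inter - 1
    return None


if __name__ == "__main__":
    for args in (["0:0:1", "1111:0:1"],          # both uids onto the user: overlap
                 ["0:0:1", "1:1:65536"],         # container 0 is the user
                 ["1111:0:1", "0:1:1111", "1112:1112:64425"]):  # 1111 is the user
        maps = parse_uidmap(args)
        print(args, check(maps), host_uid(maps, 0), host_uid(maps, 1111))
```

Only one container uid can land on the user's own host uid in a single map; the other resolves into the subuid range, so files it writes appear on the host under an ID such as 100000 or 101110.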