View Issue Details

IDProjectCategoryView StatusLast Update
0016642CentOS-8-OTHERpublic2019-10-23 14:55
Reporterolanys 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version8.0.1905 
Target VersionFixed in Version 
Summary0016642: podman fails with remote userid via sssd
DescriptionRunning podman as a user without a local account/ with a remote acount (sssd) fails with error

ERRO[0000] cannot setup namespace using newuidmap: exit status 1

Works with a locally created account.


[olalocal@pylab3 ~]$ id -a
uid=1000(olalocal) gid=1000(olalocal) groups=1000(olalocal) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[olalocal@pylab3 ~]$ grep ola /etc/passwd
olalocal:x:1000:1000::/home/olalocal:/bin/bash

[olalocal@pylab3 ~]$ podman info
host:
  BuildahVersion: 1.6-dev
  Conmon:
    package: podman-1.0.5-1.gitf604175.module_el8.0.0+194+ac560166.x86_64
    path: /usr/libexec/podman/conmon
    version: 'conmon version 1.14.0-dev, commit: db4132fdf7a7a29546679331f7119a745266f613-dirty'
  Distribution:
    distribution: '"centos"'
    version: "8"
  MemFree: 235102208
  MemTotal: 1918312448
  OCIRuntime:
    package: runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
    path: /usr/bin/runc
    version: 'runc version spec: 1.0.0'
  SwapFree: 1184264192
  SwapTotal: 1719660544
  arch: amd64
  cpus: 2
  hostname: pylab3.enskede.local
  kernel: 4.18.0-144.el8.x86_64
  os: linux
  rootless: true
  uptime: 649h 2m 57.31s (Approximately 27.04 days)
insecure registries:
  registries:
  - pylab2.enskede.local:5000
registries:
  registries:
  - registry.redhat.io
  - quay.io
  - docker.io
store:
  ConfigFile: /home/olalocal/.config/containers/storage.conf
  ContainerStore:
    number: 10
  GraphDriverName: overlay
  GraphOptions:
  - overlay.mount_program=/bin/fuse-overlayfs
  GraphRoot: /home/olalocal/.local/share/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 1
  RunRoot: /tmp/user/1000
Steps To ReproduceLogin with a remote user to a CentOS8 system

podman info
Additional Information$ podman info
ERRO[0000] cannot setup namespace using newuidmap: exit status 1

$ getent passwd ola
ola:*:11103:11116:Ola Nystrom:/home/ola:/bin/bash
$ id -a
uid=11103(ola) gid=11116(transmission-ad) groups=11116(transmission-ad),1050(unix-admin) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ cat /etc/subuid
ola:11103:65536
olalocal:100000:65536

$ podman version
Version: 1.0.5
Go Version: go1.11.6
OS/Arch: linux/amd64
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-10-23 14:55 olanys New Issue