Enabling management of subuid in ipa and nss for ldap users breaks rootless podman for local users
Issue
- After configuring /etc/nsswitch.conf to pull subuid and subgid ranges for ldap users from sssd, local users can no longer use rootless podman.
- After configuring subid: sss in /etc/nsswitch.conf, rootless podman no longer works for local users.
- Rootless podman gets the error:

    ERRO[0000] cannot find UID/GID for user regularuser: cannot read subids - check rootless mode in man pages.
    WARN[0000] Using rootless single mapping into the namespace. This might break some images. Check /etc/subuid and /etc/subgid for adding sub*ids if not using a network user
Environment
- Red Hat Enterprise Linux 8.6
- podman-4.0.2-6.module+el8.6.0+14877+f643d2d6
- shadow-utils-4.6-16.el8
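
A check for the condition described under Issue, written as an added example that is not part of the original article or of any Red Hat tooling. The function names are hypothetical, and treating a missing subid line as "files" is an assumption about the shadow-utils default.

```shell
#!/bin/sh
# Added example: flag local users on a host where subid ranges are resolved
# only through sss. File paths are parameters so the check can also be run
# against copies of the files collected from another host.

# Print the sources on the "subid:" line of an nsswitch.conf file.
# Assumption: with no subid line, shadow-utils reads the local files.
subid_sources() {
    awk '
        /^[[:space:]]*#/ { next }
        /^[[:space:]]*subid[[:space:]]*:/ {
            sub(/^[[:space:]]*subid[[:space:]]*:[[:space:]]*/, "")
            sub(/[[:space:]]*#.*$/, "")
            sub(/[[:space:]]+$/, "")
            print; found = 1; exit
        }
        END { if (!found) print "files" }
    ' "$1"
}

# Succeed if USER has an entry in the given passwd file (a local user).
is_local_user() {  # usage: is_local_user USER PASSWD_FILE
    awk -F: -v u="$1" '$1 == u { found = 1 } END { exit !found }' "$2"
}

# Print "affected" when USER is local and subid is served by sss alone,
# which is the situation in which the article reports the podman error.
check_user() {  # usage: check_user USER NSSWITCH_FILE PASSWD_FILE
    sources=$(subid_sources "$2")
    if [ "$sources" = "sss" ] && is_local_user "$1" "$3"; then
        echo "affected"
    else
        echo "ok"
    fi
}

# When run with a user name, check the live system files.
if [ $# -ge 1 ]; then
    check_user "$1" /etc/nsswitch.conf /etc/passwd
fi
```

A user reported as "ok" can still lack subid ranges for other reasons, for example no range assigned in IPA or no entry in /etc/subuid.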