Unable to automatically set up `/etc/subuid` and `/etc/subgid` for new user
mogeko opened this issue · comments
Zheng Junyi commented
I'm using Butane to deploy a Fedora CoreOS.
I want to create a non-privileged user (nonroot
) specifically to run the Podman container.
But it seems that Butane did not set /etc/subuid
and /etc/subgid
for him:
variant: fcos
version: 1.5.0
passwd:
groups:
- name: nonroot
gid: 65532
users:
- name: mogeko
gecos: Mogeko
ssh_authorized_keys:
- ssh-rsa ...
groups:
- wheel
- sudo
- name: nonroot
gecos: Unprivileged User
uid: 65532
primary_group: nonroot
no_log_init: true
shell: /sbin/nologin
# ...
$ id
uid=1001(mogeko) gid=1001(mogeko) groups=1001(mogeko),10(wheel),16(sudo) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ sudo --user=nonroot id
uid=65532(nonroot) gid=65532(nonroot) groups=65532(nonroot) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ cat /etc/subuid
core:524288:65536
mogeko:589824:65536
$ cat /etc/subgid
core:524288:65536
mogeko:589824:65536