Re: [libvirt PATCHv1 8/8] docs: virtiofs: add section about ID remapping

On Tue, Sep 12, 2023 at 04:05:04PM +0200, Ján Tomko wrote: > On a Monday in 2023, Daniel P. Berrangé wrote: > > I would expect libvirt to "do the right thing" and automatically load > > the /etc/subuid data for the current user and NOT require any extra > > XML mapping to be set for unprivileged usage. > > > > So, by default libvirt would assume that unprivileged > accessmode='passthrough' means "use the whole range for my user > from /etc/subuid"? > > Podman treats /etc/subuid as a pool and chooses a 64K range that is > (to its knowledge) unused. I'm undecided whether that would also be > a reasonable option for a default. I thought podman simply used the entry that is in /etc/subuid as is:

$ grep $LOGNAME /etc/subuid berrange:165536:65536 $ podman run -it centos:stream9 cat /proc/self/uid_map 0 1001 1 1 165536 65536 Maps "root" to my original unpriv login UID, and maps everything else to the 64k IDs reserved in /etc/subuid With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|