
systemd-homed requires the subuid ranges to be within 524288-1878982656 #1396

Closed
@AkihiroSuda

```shell
# Set up subuid
for f in /etc/subuid /etc/subgid; do
	grep -qw "${LIMA_CIDATA_USER}" "$f" || echo "${LIMA_CIDATA_USER}:100000:65536" >>"$f"
done
```

The range has to be within 524288-1878982656 for homed.

```
$ userdbctl
   NAME                           DISPOSITION        UID   GID REALNAME                     HOME             SHELL
   root                           intrinsic            0     0 -                            /root            /bin/bash
┌─ ↓ begin system users ↓         system               1     - First system user            -                -
   bin                            system               1     1 -                            /                /usr/bin/nologin
   daemon                         system               2     2 -                            /                /usr/bin/nologin
   mail                           system               8    12 -                            /var/spool/mail  /usr/bin/nologin
   ftp                            system              14    11 -                            /srv/ftp         /usr/bin/nologin
   http                           system              33    33 -                            /srv/http        /usr/bin/nologin
   uuidd                          system              68    68 -                            /                /usr/bin/nologin
   dbus                           system              81    81 System Message Bus           /                /usr/bin/nologin
   suda                           system             501  1000 -                            /home/suda.linux /bin/bash
   git                            system             974   974 git daemon user              /                /usr/bin/git-shell
   tss                            system             975   975 tss user for tpm2            /                /usr/bin/nologin
   systemd-timesync               system             976   976 systemd Time Synchronization /                /usr/bin/nologin
   systemd-resolve                system             977   977 systemd Resolver             /                /usr/bin/nologin
   systemd-journal-remote         system             978   978 systemd Journal Remote       /                /usr/bin/nologin
   systemd-oom                    system             979   979 systemd Userspace OOM Killer /                /usr/bin/nologin
   systemd-network                system             980   980 systemd Network Management   /                /usr/bin/nologin
   systemd-coredump               system             981   981 systemd Core Dumper          /                /usr/bin/nologin
└─ ↑ end system users ↑           system             999     - Last system user             -                -
┌─ ↓ begin systemd-homed users ↓  regular          60001     - First systemd-homed user     -                -
   test2                          regular          60383 60383 -                            /home/test2      /bin/bash
   test                           regular          60444 60444 -                            /home/test       /bin/bash
└─ ↑ end systemd-homed users ↑    regular          60513     - Last systemd-homed user      -                -
┌─ ↓ begin mapped users ↓         regular          60514     - First mapped user            -                -
└─ ↑ end mapped users ↑           regular          60577     - Last mapped user             -                -
┌─ ↓ begin dynamic system users ↓ dynamic          61184     - First dynamic system user    -                -
└─ ↑ end dynamic system users ↑   dynamic          65519     - Last dynamic system user     -                -
   nobody                         intrinsic        65534 65534 Kernel Overflow User         /                /usr/bin/nologin
┌─ ↓ begin container users ↓      container       524288     - First container user         -                -
└─ ↑ end container users ↑        container   1878982656     - Last container user          -                -

20 users listed.
```
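
A check for the condition reported above, added here as an example and not taken from the issue or from Lima's code: it reads a subuid/subgid-format file and reports whether a user's ranges fall inside the bounds quoted in the issue. The names `subid_check`, `HOMED_MIN` and `HOMED_MAX` are hypothetical, the sample entries are constructed, and treating the bounds as inclusive limits for the whole range (first through last ID) is an assumption.

```shell
#!/bin/sh
# Bounds as quoted in the issue title (assumed inclusive for first and last ID).
HOMED_MIN=524288
HOMED_MAX=1878982656

# subid_check FILE USER
# Prints one line per "USER:START:COUNT" entry and returns 0 only if USER has
# at least one entry and every entry lies inside HOMED_MIN..HOMED_MAX.
subid_check() {
    awk -F: -v user="$2" -v min="$HOMED_MIN" -v max="$HOMED_MAX" '
        $1 == user {
            seen = 1
            # Reject entries that are not exactly USER:START:COUNT with COUNT > 0.
            if (NF != 3 || $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/ || $3 + 0 == 0) {
                printf "malformed: %s\n", $0; bad = 1; next
            }
            first = $2 + 0
            last = first + $3 - 1
            if (first < min || last > max) {
                printf "out of range: %s (%d-%d)\n", $0, first, last; bad = 1
            } else {
                printf "ok: %s (%d-%d)\n", $0, first, last
            }
        }
        END { exit !(seen && !bad) }
    ' "$1"
}

# Constructed sample: the entry shape written by the snippet in the issue,
# plus one entry that starts at the first container UID.
sample=$(mktemp)
printf '%s\n' 'suda:100000:65536' 'test:524288:65536' >"$sample"
subid_check "$sample" suda || echo "suda: range is outside the bounds from the issue"
subid_check "$sample" test && echo "test: range fits"
rm -f "$sample"
```

Point it at `/etc/subuid` and `/etc/subgid` with the login name to audit an existing guest.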
