Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Podman: there might not be enough IDs available in the namespace #54

Open
prototact opened this issue Dec 10, 2019 · 1 comment
Open

Podman: there might not be enough IDs available in the namespace #54

prototact opened this issue Dec 10, 2019 · 1 comment

Comments

@prototact
Copy link

Bug Description
I installed podman on WSL 2 fedora-remix (I opted for the windows insider program for that reason). Everything went fine until I tried to pull an image. At the step of storing signatures I got an error about insufficient IDs in the name space.

To Reproduce
Steps to reproduce the behavior:

  1. sudo dnf install podman
  2. podman pull ubi8

Expected Behavior
I thought it would pull the image normally but nope.

Screenshots
image

Additional context
I just want to run podman in WSL 2 instead of Docker Desktop.

Basic Troubleshooting Checklist

[x] I have searched Google for the error message.
[x] I have checked official WSL troubleshooting documentation: https://docs.microsoft.com/en-us/windows/wsl/troubleshooting#confirm-wsl-is-enabled.
[x] I have searched the official Microsoft WSL issues page: https://github.com/Microsoft/WSL/issues.
[x] I have searched the WLinux issues page: https://github.com/WhitewaterFoundry/WLinux/issues.
[x] I have reset WLinux: Settings->Apps->Apps & features->WLinux->Advanced Options->Reset.
[x] I have disabled and re-enabled WSL in Windows Features.
[x] I have run Windows 10 updates and restarted.

What other troubleshooting have you attempted?

Insert here: I followed the troubleshooting here
containers/podman#3421
But to no avail. I run as user (not root)
podman system migrate
podman unshare cat /proc/self/uid_map
for the first command i get no output but for the second one i get

$ podman unshare cat /proc/self/uid_map
         0       1000          1

This is suspicious because the normal output should be something like

$ podman unshare cat /proc/self/uid_map
         0       1000          1
         1     100000      65536

There seems to be no range attached to the user. In addition
cat /etc/subuid has this form

mockbuild:100000:65536
orfeaskar:165536:65536

Mysterious mockbuild user, probably related to WSL wizardry.

WLinux Version

Insert here: 1.31.5.0

Windows Build

insert here: 10.0.19037 N/A Build 19037
@dominic-p
Copy link

dominic-p commented May 28, 2020
edited
Loading

Were you able to resolve this? I'm currently running into the same issue on WSL2 when I try to pull an image with podman.

Update: Ok, I got it working. In my case the newuidmap and newgidmap binaries did not have the setuid bit set, so they did not have the capabilities they needed to map the uids correctly. So, I just had to run:

$ podman unshare cat /proc/self/uid_map
         0       1000          1

... switch to root

# chmod u+s $(which newuidmap)
# chmod u+s $(which newgidmap)

... switch back to regular user here

$ podman system migrate
$ podman unshare cat /proc/self/uid_map
         0       1000          1
         1     100000      65536

Thanks for pointing me in the right direction. This thread explains the issue.

Schokokex added a commit to Schokokex/centos.podman.bugfix that referenced this issue Nov 18, 2020
@Schokokex
Update wsl2.sh
297b2c9 
from WhitewaterFoundry/Fedora-Remix-for-WSL#54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dominic-p @prototact