Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

systemd-homed requires the subuid ranges to be within 524288-1878982656 #1396

Closed
AkihiroSuda opened this issue Mar 1, 2023 · 1 comment · Fixed by #2725
Closed

systemd-homed requires the subuid ranges to be within 524288-1878982656 #1396

AkihiroSuda opened this issue Mar 1, 2023 · 1 comment · Fixed by #2725
Labels
component/nerdctl
Milestone
v1.0

Comments

@AkihiroSuda
Copy link
Member

lima/pkg/cidata/cidata.TEMPLATE.d/boot/20-rootless-base.sh

Lines 52 to 55 in 306435f

# Set up subuid
for f in /etc/subuid /etc/subgid; do
grep -qw "${LIMA_CIDATA_USER}" $f || echo "${LIMA_CIDATA_USER}:100000:65536" >>$f
done

The range has to be within 524288-1878982656 for homed

$ userdbctl 
   NAME                           DISPOSITION        UID   GID REALNAME                     HOME             SHELL             
   root                           intrinsic            0     0 -                            /root            /bin/bash
┌─ ↓ begin system users ↓         system               1     - First system user            -                -                 
   bin                            system               1     1 -                            /                /usr/bin/nologin
   daemon                         system               2     2 -                            /                /usr/bin/nologin
   mail                           system               8    12 -                            /var/spool/mail  /usr/bin/nologin
   ftp                            system              14    11 -                            /srv/ftp         /usr/bin/nologin
   http                           system              33    33 -                            /srv/http        /usr/bin/nologin
   uuidd                          system              68    68 -                            /                /usr/bin/nologin
   dbus                           system              81    81 System Message Bus           /                /usr/bin/nologin
   suda                           system             501  1000 -                            /home/suda.linux /bin/bash
   git                            system             974   974 git daemon user              /                /usr/bin/git-shell
   tss                            system             975   975 tss user for tpm2            /                /usr/bin/nologin
   systemd-timesync               system             976   976 systemd Time Synchronization /                /usr/bin/nologin
   systemd-resolve                system             977   977 systemd Resolver             /                /usr/bin/nologin
   systemd-journal-remote         system             978   978 systemd Journal Remote       /                /usr/bin/nologin
   systemd-oom                    system             979   979 systemd Userspace OOM Killer /                /usr/bin/nologin
   systemd-network                system             980   980 systemd Network Management   /                /usr/bin/nologin
   systemd-coredump               system             981   981 systemd Core Dumper          /                /usr/bin/nologin
└─ ↑ end system users ↑           system             999     - Last system user             -                -                 
┌─ ↓ begin systemd-homed users ↓  regular          60001     - First systemd-homed user     -                -                 
   test2                          regular          60383 60383 -                            /home/test2      /bin/bash
   test                           regular          60444 60444 -                            /home/test       /bin/bash
└─ ↑ end systemd-homed users ↑    regular          60513     - Last systemd-homed user      -                -                 
┌─ ↓ begin mapped users ↓         regular          60514     - First mapped user            -                -                 
└─ ↑ end mapped users ↑           regular          60577     - Last mapped user             -                -                 
┌─ ↓ begin dynamic system users ↓ dynamic          61184     - First dynamic system user    -                -                 
└─ ↑ end dynamic system users ↑   dynamic          65519     - Last dynamic system user     -                -                 
   nobody                         intrinsic        65534 65534 Kernel Overflow User         /                /usr/bin/nologin
┌─ ↓ begin container users ↓      container       524288     - First container user         -                -                 
└─ ↑ end container users ↑        container   1878982656     - Last container user          -                -                 

20 users listed.
@AkihiroSuda
Copy link
Member Author

(No distro seems using homed by default AFAICS, but I guess some will begin using it soon)

@AkihiroSuda AkihiroSuda added this to the v1.0 milestone Oct 8, 2024
@AkihiroSuda AkihiroSuda mentioned this issue Oct 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/nerdctl
Projects
None yet
Milestone
v1.0
Development

Successfully merging a pull request may close this issue.

rootless: allocate 1G subuids from 524288 (0x80000) AkihiroSuda/lima-vm-lima
1 participant
@AkihiroSuda