Description of problem: disclaimer: I don't know if the bug is in shadow-utils or podman. If it's podman simply re-assign the bug With the new version of shadow-utils we can no longer start rootless podman containers in Fedora rawhide. ``` [core@cosa-devsh ~]$ toolbox create --assumeyes Error: failed to get the Podman version ``` ``` [core@cosa-devsh ~]$ podman info Error: cannot setup namespace using newuidmap: exit status 1 ``` Version-Release number of selected component (if applicable): ``` [core@cosa-devsh ~]$ rpm -q shadow-utils podman kernel shadow-utils-4.9-1.fc35.x86_64 podman-3.3.0-0.26.rc1.fc35.x86_64 kernel-5.14.0-0.rc4.20210804gitd5ad8ec3cfb5.36.fc35.x86_64 ``` How reproducible: Always Steps to Reproduce: 1. Boot system, run podman info as normal user. Actual results: Error Expected results: No error Additional info: This was found in the Fedora CoreOS CI system. Fedora CoreOS is rpm-ostree based (not dnf) so there may be complications because of that.
FWIW I've just spun up a rawhide VM, installed podman (3.3.0-0.26.rc1.fc35), dnf-upgraded to shadow-utils-4.9-1.fc35, and: # loginctl enable-linger fedora # su - fedora $ podman info [works fine] $ podman run alpine date [also works fine] There is a long history of rootless podman problems that are caused by a broken shadow-utils install. Is it possible to respin the rpm-ostree?
Uh, then again: # adduser testuser2 # loginctl enable-linger testuser2 # su - testuser2 $ podman info Error: cannot setup namespace using newuidmap: exit status 1 # cat /etc/subuid fedora:100000:65536 testuser2:0:0
This is also happening with Fedora rawhide so I think we can rule out rpm-ostree. Can you try removing "testuser2:0:0" or the equivalent from /etc/subuid? I don't know why this line is there and when I removed it "podman info" was working.
For me (Fedora CoreOS) here are the contents of /etc/subuid: ``` [core@cosa-devsh ~]$ cat /etc/subuid core:0:0 ```
If I replace /etc/subuid and /etc/subgid with `core:100000:65536` instead of what is in there (`core:0:0`) then things start working.
For context, `core` is the default username on Fedora CoreOS.
(In reply to Iker Pedrosa from comment #3) > This is also happening with Fedora rawhide so I think we can rule out > rpm-ostree. > > Can you try removing "testuser2:0:0" or the equivalent from /etc/subuid? I > don't know why this line is there and when I removed it "podman info" was > working. `testuser2:0:0` in /etc/subuid was probably created when he called `adduser testuser2` (see comment#2). Maybe a bug in `adduser`?
*** Bug 1990734 has been marked as a duplicate of this bug. ***
I think I have the solution. Can you try it? https://copr.fedorainfracloud.org/coprs/ipedrosa/useradd_breaks_podman/
Seems to work for me: ``` [core@cosa-devsh ~]$ rpm -q shadow-utils shadow-utils-4.9-2debug.fc35.x86_64 [core@cosa-devsh ~]$ cat /etc/subuid core:100000:65536 ```
Upstream PR: https://github.com/shadow-maint/shadow/pull/399
This bug appears to have been reported against 'rawhide' during the Fedora 35 development cycle. Changing version to 35.