[2738916242] Upstream Reporter: Jookia
Upstream issue status: Closed
Upstream description:

Feature request description

Currently you have to pick between using userns=auto for every container you have or being able to keep-id which is useful for development containers. I'm hitting this issue with distrobox for example.

Using the following flag gets a working result:

--userns=auto:gidmapping=1000:0:1,uidmapping=1000:0:1,size=65536

Suggest potential solution

podman never promises the UID range in nomap or keep-id. Maybe these could use auto by default, or by a configuration flag?

Have you considered any alternatives?

The application using podman could instead be changed to use =auto. In my case I modified distrobox. However there's no way for distrobox to know whether to use =auto or =keep-id, especially since using the wrong one may affect other containers running on the machine.

Additional context

Using =auto has a significant security boost, it would be nice to have this as a rootless user.