Skip to content

podman: remove subuid/subgid creation from sysext #3043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 25, 2025
Merged

podman: remove subuid/subgid creation from sysext #3043

merged 2 commits into from
Jul 25, 2025

Conversation

invis-z
Copy link
Contributor

@invis-z invis-z commented Jun 23, 2025
edited
Loading

Following what was done for incus in #3028 . Removes the subuid/gid from sysext.

Adding subuid/subgid could be done through Ignition:

version: 1.1.0
variant: flatcar
storage:
  files:
    - path: /etc/subuid
      append:
        - inline: |
            core:1065536:65536
    - path: /etc/subgid
      append:
        - inline: |
            core:1065536:65536

Related: flatcar/Flatcar#1733

  • Changelog entries added in the respective changelog/ directory (user-facing change, bug fix, security fix, update)
  • Inspected CI output for image differences: /boot and /usr size, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.

@invis-z
podman: remove subuid/subgid creation from sysext
0750ebb 
Following what was done for incus. Removes the subuid/gid from sysext.

Adding subuid/subgid could be done through Ignition:
```yaml
version: 1.1.0
variant: flatcar
storage:
  files:
    - path: /etc/subuid
      append:
        - inline: |
            core:1065536:65536
    - path: /etc/subgid
      append:
        - inline: |
            core:1065536:65536
```

Related: flatcar/Flatcar#1733
@invis-z invis-z marked this pull request as ready for review June 23, 2025 08:51
@tormath1 tormath1 assigned tormath1 and unassigned tormath1 Jun 24, 2025
@tormath1 tormath1 added the main label Jun 24, 2025
@tormath1 tormath1 moved this to ✅ Testing / in Review in Flatcar tactical, release planning, and roadmap Jun 24, 2025
@tormath1 tormath1 requested a review from a team June 24, 2025 11:44
@doraskayo
Copy link

Hi. I'm trying to add users to /etc/sub{u,g}id but it looks like the podman sysext overwrites my changes.

It would be great to get this merged fairly soon.

@github-actions github-actions bot mentioned this pull request Jul 22, 2025
Open
@tormath1
Copy link
Contributor

Thanks @invis-z for your contribution and sorry for the delay here, the PR is approved and I will merge it right now. As it can be breaking for some users, I will not yet backport it to maintenance channels. I don't expect it to break existing workloads as the shipped subuid/subgid will stay in place inside /etc but new deployed instances will not have this settings so it has to be added manually to the initial provisioning so this can break new deployments.

@github-actions GitHub Actions
Copy link

Build action triggered: https://github.com/flatcar/scripts/actions/runs/16517073597

@tormath1 tormath1 merged commit 4bbf66c into flatcar:main Jul 25, 2025
2 of 3 checks passed
@github-project-automation github-project-automation bot moved this from ✅ Testing / in Review to Implemented in Flatcar tactical, release planning, and roadmap Jul 25, 2025
@invis-z invis-z deleted the podman-subid branch July 27, 2025 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krnowak krnowak krnowak approved these changes

Assignees
No one assigned
Labels
main
Projects
Flatcar tactical, release planning, and roadmap
Status: Implemented
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@invis-z @doraskayo @tormath1 @krnowak