On Wed, Jul 10, 2019 at 10:40 AM Marc-André Lureau <marcandre.lur...@redhat.com> wrote: > I am not very familiar with podman or docker, so I am not able to tell > you why docker does work by default. @Debarshi Ray might know, as he > helped me finding a workaround.
You need to mention the UID mapping via --uidmap arguments (or --userns=keep-id) because you are using Podman without involving root on the host anywhere. With Docker the daemon always runs as root. You either run the user-facing client also as root (with sudo and such) or you add your user to the special 'docker' group. These days, very recently, rootless Docker is a thing too: https://engineering.docker.com/2019/02/experimenting-with-rootless-docker/ However, I don't think that's what the QEMU test suite has been using. :) When running rootless, you can only map your current UID from the host into the new user namespace, and usually that gets mapped to UID 0 inside the namespace. Hence the need to override the UID mapping. This limitation isn't present when root is involved on the host. Read this commit message for some more details on exactly what happens when you specify the UID mapping like that: https://github.com/debarshiray/toolbox/commit/cfcf4eb31e14b3a3
