Hi,
Whenever I am trying to run a rootless container with a non-root user I am getting this error. I tried in v9.0 and v9.1; same error.
ERRO[0000] XDG_RUNTIME_DIR "run/user/0" is not owned by the current user.
I installed all modules but am still getting the same error.
podman uses wrong uid when changing user with su
The solution below works in both v9.0 and v9.1, podman 4.2.0. I recently had this issue in my EX200 exam and was not able to do two tasks.
Various podman commands fail, when the user is switched via su because it assumes the wrong uid:
> # su phoenix
> $ podman
> ERRO[0000] XDG_RUNTIME_DIR directory "/run/user/0" is not owned by the current user
However no error occurs, when the user switch happens via sudo
> # sudo -u phoenix -s
> $ podman
"podman uses wrong uid when changing user with su"
This is not a podman issue. It has to do with the way su works.
If you are using su to switch user, do not do this (because you are, in essence, keeping the previous user's environment while accessing another user's account):
su username
Always do this, with the - (this opens a login shell with an environment similar to a real login)
su - username
From the man page for su:
-, -l, --login
Start the shell as a login shell with an environment similar to a real login:
• clears all the environment variables except TERM and variables specified by --whitelist-environment
• initializes the environment variables HOME, SHELL, USER, LOGNAME, and PATH
• changes to the target user’s home directory
• sets argv[0] of the shell to '-' in order to make the shell a login shell
Here's the result of the test I just did (incidentally, notice the third prompt - how it shows that the devops user is logged in but the working directory is kiosk - the name of the user I switched from):
[kiosk@foundation0 ~]$ su devops
[devops@foundation0 kiosk]$ podman run -d --name webserver1 httpd-24-rhel7
ERRO[0000] XDG_RUNTIME_DIR directory "/run/user/1000" is not owned by the current user
[devops@foundation0 kiosk]$ exit
exit
[kiosk@foundation0 ~]$ su - devops
Password:
Last login: Thu Mar 30 15:38:25 MST 2023 on pts/1
[devops@foundation0 ~]$ podman run -d --name webserver1 httpd-24-rhel7
309007e2bb3272125e7d7475da234e8b964a1f3eff426102c762ac665e8fc9d1
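The ownership test behind this error, as an added example that is not part of the original thread: it compares the owner of XDG_RUNTIME_DIR with the current uid, which is the value left stale when `su` is used without `-`. The function name `check_runtime_dir` and its exit codes are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): detect an XDG_RUNTIME_DIR that was
# inherited from another user's session, e.g. after `su user` without `-`.
#
# check_runtime_dir DIR UID   (hypothetical helper name)
#   returns 0 = DIR is owned by UID
#           1 = DIR is owned by a different uid (stale, inherited environment)
#           2 = DIR is unset, missing, or cannot be inspected
check_runtime_dir() {
    dir="$1"
    uid="$2"

    if [ -z "$dir" ]; then
        echo "unset: XDG_RUNTIME_DIR is empty"
        return 2
    fi
    if [ ! -d "$dir" ]; then
        echo "missing: $dir does not exist"
        return 2
    fi

    # GNU stat first, BSD stat as a fallback.
    owner=$(stat -c %u "$dir" 2>/dev/null || stat -f %u "$dir" 2>/dev/null) || {
        echo "error: cannot stat $dir"
        return 2
    }

    if [ "$owner" != "$uid" ]; then
        echo "stale: $dir is owned by uid $owner, current uid is $uid"
        return 1
    fi
    echo "ok: $dir is owned by uid $uid"
    return 0
}

# Check the live environment; on any failure, point at the login-shell form.
check_runtime_dir "${XDG_RUNTIME_DIR:-}" "$(id -u)" ||
    echo "hint: switch users with 'su - <user>' so the environment is not inherited"
```

Run it in the shell where podman fails; a "stale" verdict means the variable still points at the previous user's runtime directory.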
Good job Tracy_Baker and thanks for the clarification. I always use su -. It was drilled into my brain more than 20 years ago haha.
Red Hat
Learning Community