Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Podman run error in non-root mode: "user namespaces are not enabled in /proc/sys/user/max_user_namespaces" #7704

Closed
Poor12 opened this issue Sep 21, 2020 · 4 comments
Closed

Podman run error in non-root mode: "user namespaces are not enabled in /proc/sys/user/max_user_namespaces" #7704

Poor12 opened this issue Sep 21, 2020 · 4 comments
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. Question Issue is a question about Podman

Comments

@Poor12
Copy link

Poor12 commented Sep 21, 2020

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Podman run well in root-mode, however run error in non-root mode except --help.
Error is below:
cannot clone: Invalid argument
user namespaces are not enabled in /proc/sys/user/max_user_namespaces
Error: could not get runtime: cannot re-exec process

Steps to reproduce the issue:

1.switch a normal user

2.run podman

Describe the results you received:
podman run error

Describe the results you expected:
podman run well

Output of podman info --debug:
cannot clone: Invalid argument
user namespaces are not enabled in /proc/sys/user/max_user_namespaces
Error: could not get runtime: cannot re-exec process

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?
Yes

Additional environment details (AWS, VirtualBox, physical, etc.):
Centos7 in Parallels Desktop. I am a newcomer to podman. Thanks for any help.
@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Sep 21, 2020
@AkihiroSuda AkihiroSuda added Question Issue is a question about Podman and removed kind/bug Categorizes issue or PR as related to a bug. labels Sep 21, 2020
@AkihiroSuda
Copy link
Collaborator

CentOS 7 requires running echo “user.max_user_namespaces=10000” > /etc/sysctl.d/42-rootless.conf and sysctl --system as root

@AkihiroSuda AkihiroSuda changed the title Podman run error in non-root mode Podman run error in non-root mode: "user namespaces are not enabled in /proc/sys/user/max_user_namespaces" Sep 21, 2020
@rhatdan rhatdan closed this as completed Sep 21, 2020
@TiloGit
Copy link

TiloGit commented Dec 15, 2020

here my steps on RHEL.

[joedoe@myserver ]$ cat /proc/sys/user/max_user_namespaces
0
[joedoe@myserver ]$ sudo sysctl user.max_user_namespaces=15000
user.max_user_namespaces = 15000
[joedoe@myserver ]$ cat /proc/sys/user/max_user_namespaces
15000
[joedoe@myserver ]$ sudo usermod --add-subuids 200000-201000 --add-subgids 200000-201000 joedoe
[joedoe@myserver ]$ grep joedoe /etc/subuid /etc/subgid
/etc/subuid:joedoe:200000:1001
/etc/subgid:joedoe:200000:1001

@hjoukl
Copy link

hjoukl commented May 5, 2021

Just for anyone stumbling upon this issue as a top search result like me: Here's some context and explanation on the previous fine answers: https://github.com/containers/podman/blob/master/docs/tutorials/rootless_tutorial.md

Yarboa pushed a commit to redhat-openstack/ansible-nfv that referenced this issue Dec 16, 2021
updated to be competable with newer podman version
9222bbe 
(according to containers/podman#7704)

Change-Id: I35b54ceb5dc1f19a41d0106b586bcb961094b607
@Jeffy1992
Copy link

Jeffy1992 commented Oct 5, 2022
edited
Loading

CentOS 7 requires running echo “user.max_user_namespaces=10000” > /etc/sysctl.d/42-rootless.conf and sysctl --system as root

echo '63907' > /proc/sys/user/max_user_namespaces

@alexander-matthiesen alexander-matthiesen mentioned this issue Nov 1, 2022
Closed
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 13, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 13, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. Question Issue is a question about Podman
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@rhatdan @hjoukl @TiloGit @AkihiroSuda @Poor12 @openshift-ci-robot @Jeffy1992