Docker Community Forums

Not understanding what userns-remap does

Issue Type: Configuring UIDs
OS: Fedora 31
Docker: 19.03.12

My goal is to have my container have a root user mapped to my host root (this is just for my own use) and add a non-root user (“alan.inside”) to the container which maps (by UID) to my regular (non-root) user “alan” in my host.
Ultimately, I want to have a bind-mount from which host user “alan” can read/write and also container user “alan.inside” can read/write.

However, my Fedora gives high value UIDs to regular users so my current host users look like this:
$ id
uid=1625000021(alan)
gid=1625000021(alan)
1625000015(groupA)
1625000035(groupB)
1625000102(groupC)

Because of the high values, I can’t simply give “alan.inside” a UID of 1625000021.
So, I’m using the userns-remap feature.

The userns-remap documentation confuses me. I attempted to use the first row to map root to root and the 2nd row to be used for container system-users as-needed. The 3rd row was intended for me to use to map alan and alan.inside from a “RUN useradd …” command in my docker file.

$ cat /etc/subuid (and cat /etc/subgid)
dockremap:0:1
dockremap:1625000200:65536
dockremap:1625000021:1

However, I don’t understand what UID value to specify in my “RUN useradd …” command to leverage the allocation in my 3rd row (get it to be mapped to “alan” in my host).

For bonus points, please explain what the “dockremap” user (created via userns-remap="default") has to do with ANYTHING?

I have this working now. I did the following.
$ cat /etc/subuid (and cat /etc/subgid)
dockremap:0:1
dockremap:1625000200:1000
dockremap:1625000021:1

And in my docker file, I use:
RUN useradd -u 1001 -m -d "/home/alan.inside" -s /bin/bash "alan.inside"

So, the 1001 puts it beyond the 2nd row allocation and ends up mapping to my 1625000021 (“alan”) on my host. Perfect!
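
The arithmetic behind that result, as an added example that is not part of the original posts: it models the remap user's /etc/subuid rows being laid end to end from container ID 0, and translates IDs in both directions. The row order used is an assumption taken from the result reported above; the map actually in effect can be read from /proc/<pid>/uid_map of a process in the container. The function names are hypothetical.

```python
# Added example: model of how subordinate ID ranges become a container ID map.
# Assumption: ranges for the remap user are laid end to end, in file order,
# starting at container ID 0 (consistent with the result reported above).

SUBUID = """\
dockremap:0:1
dockremap:1625000200:1000
dockremap:1625000021:1
"""  # the /etc/subuid content from the post


def build_id_map(subid_text, user="dockremap"):
    """Return [(container_start, host_start, length), ...] for `user`."""
    id_map, next_container_id = [], 0
    for line in subid_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, start, length = line.split(":")
        if name != user:
            continue
        start, length = int(start), int(length)
        if length <= 0:
            raise ValueError(f"empty range: {line}")
        id_map.append((next_container_id, start, length))
        next_container_id += length
    return id_map


def to_host(id_map, container_id):
    """Translate a container ID to its host ID; None if unmapped."""
    for c_start, h_start, length in id_map:
        if c_start <= container_id < c_start + length:
            return h_start + (container_id - c_start)
    return None


def to_container(id_map, host_id):
    """Reverse lookup: which container ID does a host ID appear as?"""
    for c_start, h_start, length in id_map:
        if h_start <= host_id < h_start + length:
            return c_start + (host_id - h_start)
    return None


if __name__ == "__main__":
    m = build_id_map(SUBUID)
    for row in m:
        print("%10d %10d %10d" % row)   # same column layout as uid_map
    for uid in (0, 1, 1000, 1001, 1002):
        print(f"container uid {uid} -> host uid {to_host(m, uid)}")
```

The first row places host UID 0 at container UID 0, so root inside the container is root on the host and userns-remap provides no isolation for that user. Container IDs past the last row, such as 1002, have no host ID at all.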