Anever use the rootless ver, its garbage
Pit's not really a bug
Athe fact that the rootless ver exists means that you always need to type sudo and remember which one is which
Awhereas with docker its always sudo
Pundesired behavior yes, but this is exactly what is meant to happen when podman (or anything else) interacts with another filesystem while not necessarily being enlightened about it
Mdam
Adoesnt have to do with the filesystem
Arootless messes with permissions
Aencodes them differently
Pand those permissions have to do with the FS, this applies beyond the scope of just podman
Ai tried using rootless for the project im working on
Prootless is not great
Ai found 0 benefit and it only caused issues
Aalias podman='sudo podman'
PLOL
Aits meant for obscure RHEL deployments that cant use sudo for one reason or other
Aalso podman launches a daemon which blocks you from unmounting devices
Abut other than that its daemonless
Aok
Pi would have to agree with that assessment
Aso i get 0 of the daemon benefits and all of the daemon disadvantages
Aat least with docker i have a service i can turn off
Pi guess if you're doing like. edge deployments. it's kinda a non-concern too.
Alike using podman instead of docker? yes
Pidk i guess i'd rather have the option to use rootless at all than no option
Ano, if you have root perms it should always be root
Ait should priviledge escalate
Aand hide rootless behind a feature flag
Pright so we both agree it should still be a thing
Dits not 100% rootless
Drunning as root inside the container
Adid you launch podman with root or not?
Pi'm not saying it's a sane default or useful for this env at all but having rootless is probably good for certain engineers
Dnop, i launched with normal user
Athats the issue
P:(
Dwhy does cp work then?
Dim not performing sudo cp, the permissions are fine
V
Pbecause your host isn't going out of its way to prevent any of this
Ayou get permission funnies because the container cant access stuff you copy
Dthat's not making any sense to me, on the host im not doing anything with root, not dolphin, not the terminal, yet it results in different permissions
Abut you have access to the container storage because its running as your user
Pbasically what's happening is your host FS doesn't have any clue about podman's internal filesystem PIDs etc and vice versa
Dohhh
Pjust because you can write to somewhere that isn't mapped correctly doesn't mean it's correct behavior
Aif you want your container to act as your user
AAAi did it here