All commands fail: newuidmap: write to uid_map failed: Operation not permitted

[wspear]

Issue Description

All podman commands except 'help' fail with newuidmap error

Steps to reproduce the issue

Steps to reproduce the issue

1. spack install podman^[email protected]
2. spack install shadow
3. spack load shadow
4. spack load podman
5. podman version

Describe the results you received

$podman version
ERRO[0000] running /home/wspear/bin/SPACK/spack/opt/spack/linux-ubuntu22.04-westmere/gcc-11.4.0/shadow-4.15.1-scebl4w32yzrxr32gpmomkcfk63j6o5d/bin/newuidmap 1019899 0 1000 1 1 100000 65536: newuidmap: write to uid_map failed: Operation not permitted
Error: cannot set up namespace using "/home/wspear/bin/SPACK/spack/opt/spack/linux-ubuntu22.04-westmere/gcc-11.4.0/shadow-4.15.1-scebl4w32yzrxr32gpmomkcfk63j6o5d/bin/newuidmap": should have setuid or have filecaps setuid: exit status 1

Describe the results you expected

Ideally any podman command should work.

podman info output

I am using a spack installed [email protected] and a spack installed shadow-utils on ubuntu 22.04 for x86_64 (bare metal workstation)

Podman in a container

No

Privileged Or Rootless

Rootless

Upstream Latest Release

No

Additional environment details

n/a

Additional information

Chmodding newuidmap and newgidmap to 4755 and running with '--storage-opt ignore_chown_errors' made no difference.

cat /etc/subuid
wspear:100000:65536

[Luap99]

Chmodding newuidmap and newgidmap to 4755

I have no idea what spack is but it looks like the binary path is under the home dir so is the owner your user? In this case the setuid bit will do nothing. The binary must be owned by root to escalate privs.

[sehaartuc]

I've the same issue currenty. Could you be able to find a way to solve it @Luap99 ?
Thanks.