Only allow Rootless runs of Podman Machine

Podman Machine crashes if run as root. When creating the machine, we write the ignition so that the UID of the core user matches the UID of the user on the host. We by default, create the root user on the machine with UID 0. If the user on the host is root, the core UID and the Root UID collide, causing a the VM not to boot. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
2025-05-21 17:16:22 +08:00 · 2022-06-24 10:22:25 -04:00
parent 4274906a80
commit d9ff0fd15d
19 changed files with 65 additions and 18 deletions
--- a/docs/source/markdown/podman-machine-init.1.md
+++ b/docs/source/markdown/podman-machine-init.1.md
@ -10,9 +10,12 @@ podman\-machine\-init - Initialize a new virtual machine

 Initialize a new virtual machine for Podman.

-Podman on macOS requires a virtual machine. This is because containers are Linux -
+Rootless only.
+
+Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux -
 containers do not run on any other OS because containers' core functionality are
-tied to the Linux kernel.
+tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines,
+but can be optionally used on Linux.

 **podman machine init** initializes a new Linux virtual machine where containers are run.
 SSH keys are automatically generated to access the VM, and system connections to the root account
--- a/docs/source/markdown/podman-machine-inspect.1.md
+++ b/docs/source/markdown/podman-machine-inspect.1.md
@ -13,6 +13,8 @@ Inspect one or more virtual machines
 Obtain greater detail about Podman virtual machines.  More than one virtual machine can be
 inspected at once.

+Rootless only.
+
 ## OPTIONS
 #### **--format**

--- a/docs/source/markdown/podman-machine-list.1.md
+++ b/docs/source/markdown/podman-machine-list.1.md
@ -12,9 +12,12 @@ podman\-machine\-list - List virtual machines

 List Podman managed virtual machines.

-Podman on macOS requires a virtual machine. This is because containers are Linux -
-containers do not run on any other OS because containers' core functionality is
-tied to the Linux kernel.
+Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux -
+containers do not run on any other OS because containers' core functionality are
+tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines,
+but can be optionally used on Linux.
+
+Rootless only.

 ## OPTIONS

--- a/docs/source/markdown/podman-machine-rm.1.md
+++ b/docs/source/markdown/podman-machine-rm.1.md
@ -16,6 +16,7 @@ generated for that VM are also removed as is its image file on the filesystem.
 Users get a display of what will be deleted and are required to confirm unless the option `--force`
 is used.

+Rootless only.

 ## OPTIONS

--- a/docs/source/markdown/podman-machine-set.1.md
+++ b/docs/source/markdown/podman-machine-set.1.md
@ -10,6 +10,8 @@ podman\-machine\-set - Sets a virtual machine setting

 Change a machine setting.

+Rootless only.
+
 ## OPTIONS

 #### **--cpus**=*number*
--- a/docs/source/markdown/podman-machine-ssh.1.md
+++ b/docs/source/markdown/podman-machine-ssh.1.md
@ -16,6 +16,8 @@ with the virtual machine is established.

 The exit code from ssh command will be forwarded to the podman machine ssh caller, see [Exit Codes](#Exit-Codes).

+Rootless only.
+
 ## OPTIONS

 #### **--help**
--- a/docs/source/markdown/podman-machine-start.1.md
+++ b/docs/source/markdown/podman-machine-start.1.md
@ -10,9 +10,12 @@ podman\-machine\-start - Start a virtual machine

 Starts a virtual machine for Podman.

-Podman on macOS requires a virtual machine. This is because containers are Linux -
+Rootless only.
+
+Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux -
 containers do not run on any other OS because containers' core functionality are
-tied to the Linux kernel.
+tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines,
+but can be optionally used on Linux.

 Only one Podman managed VM can be active at a time. If a VM is already running,
 `podman machine start` will return an error.
--- a/docs/source/markdown/podman-machine-stop.1.md
+++ b/docs/source/markdown/podman-machine-stop.1.md
@ -10,9 +10,12 @@ podman\-machine\-stop - Stop a virtual machine

 Stops a virtual machine.

-Podman on macOS requires a virtual machine. This is because containers are Linux -
+Rootless only.
+
+Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux -
 containers do not run on any other OS because containers' core functionality are
-tied to the Linux kernel.
+tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines,
+but can be optionally used on Linux.

 **podman machine stop** stops a Linux virtual machine where containers are run.

--- a/docs/source/markdown/podman-machine.1.md
+++ b/docs/source/markdown/podman-machine.1.md
@ -7,7 +7,14 @@ podman\-machine - Manage Podman's virtual machine
 **podman machine** *subcommand*

 ## DESCRIPTION
-`podman machine` is a set of subcommands that manage Podman's virtual machine on macOS.
+`podman machine` is a set of subcommands that manage Podman's virtual machine.
+
+Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux -
+containers do not run on any other OS because containers' core functionality are
+tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines,
+but can be optionally used on Linux.
+
+All `podman machine` commands are rootless only.

 ## SUBCOMMANDS