podman: drop checking valid rootless UID

do not check whether the specified ID is valid in the user namespace. crun handles this case[1], so the check in Podman prevents to get to the OCI runtime at all. $ podman run --user 10:0 --uidmap 0:0:1 --rm -ti fedora:33 sh -c 'id; cat /proc/self/uid_map' uid=10(10) gid=0(root) groups=0(root),65534(nobody) 10 0 1 [1] https://github.com/containers/crun/pull/556 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-09-19 12:56:57 +08:00 · 2020-12-11 15:35:41 +01:00
parent deb00425c2
commit f711f5a68d
4 changed files with 0 additions and 38 deletions
--- a/pkg/util/utils_linux.go
+++ b/pkg/util/utils_linux.go
@ -6,7 +6,6 @@ import (
 	"path/filepath"
 	"syscall"

-	"github.com/containers/podman/v2/pkg/rootless"
 	"github.com/containers/psgo"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@ -53,19 +52,3 @@ func FindDeviceNodes() (map[string]string, error) {

 	return nodes, nil
 }
-
-// CheckRootlessUIDRange checks the uid within the rootless container is in the range from /etc/subuid
-func CheckRootlessUIDRange(uid int) error {
-	uids, _, err := rootless.GetConfiguredMappings()
-	if err != nil {
-		return err
-	}
-	total := 0
-	for _, u := range uids {
-		total += u.Size
-	}
-	if uid > total {
-		return errors.Errorf("requested user's UID %d is too large for the rootless user namespace", uid)
-	}
-	return nil
-}