Skip to content

feat: add owner-managed userns ranges#29

Draft
ncode wants to merge 1 commit into
fiorix:mainfrom
ncode:main
Draft

feat: add owner-managed userns ranges#29
ncode wants to merge 1 commit into
fiorix:mainfrom
ncode:main

Conversation

@ncode

@ncode ncode commented May 14, 2026

Copy link
Copy Markdown
Contributor

Introduce owner-aware user namespace setup so containers get stable, per-container subordinate UID/GID ranges instead of ephemeral host mappings.

Persist assigned ranges in container state, reuse them during start, and add managed subid cleanup through prune with coverage for allocation, lifecycle, and systemd drop-ins.

Introduce owner-aware user namespace setup so containers get stable, per-container subordinate UID/GID ranges instead of ephemeral host mappings.

Persist assigned ranges in container state, reuse them during start, and add managed subid cleanup through prune with coverage for allocation, lifecycle, and systemd drop-ins.
@fiorix

fiorix commented May 26, 2026

Copy link
Copy Markdown
Owner

This makes sense to me. It also seems like this can enable a better provisioning for the ranges. Cheers!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants