Creates subuid & subgid mappings for users.
Inspired from this blog article https://eengstrom.github.io/musings/generate-non-contiguous-subuid-subgid-maps-for-rootless-podman
roles/requirements.yml
---
roles:
- name: subuid_subgid
version: main
src: git@github.com:rwxd/ansible-role-subuid_subgid.git
scm: git
ansible.cfg
[defaults]
roles_path=./roles
Get requirements with ansible-galaxy role install -r roles/requirements.yml
A subid_users
variable is required e.g.:
- name: Set users
set_fact:
subid_users:
- peter
- james
- name: Generate subuids & subgids
include_role:
name: subuid_subgid
/etc/subuid
will contain
peter:65929216:65536
james:65470464:65536
/etc/subgid
will contain
peter:65929216:65536
james:65470464:65536
UID's can be not larger than 2^32. So if you have large UID's you may want to use a smaller bitshift. https://wiki.gentoo.org/wiki/Subuid_subgid https://bit-calculator.com/bit-shift-calculator
- name: Generate subuids & subgids
include_role:
name: subuid_subgid
vars:
subuid_bitshift: 16
subgid_bitshift: 16