Skip to content

rwxd/ansible-role-subuid_subgid

Folders and files

NameName
Last commit message
Last commit date

Latest commit

732ee4f · Aug 25, 2024

History

56 Commits
Aug 25, 2024
May 11, 2024
Jul 1, 2022
May 11, 2024
May 11, 2024
May 11, 2024
Jul 1, 2022
Jul 1, 2022
Apr 26, 2024
Jul 1, 2022
Jul 1, 2022
Jul 1, 2022
Sep 8, 2023
Apr 26, 2024
Apr 26, 2024
Aug 25, 2024

Repository files navigation

Ansible Role for Generating Subuids & Subgids

Creates subuid & subgid mappings for users.

Inspired from this blog article https://eengstrom.github.io/musings/generate-non-contiguous-subuid-subgid-maps-for-rootless-podman

Install

roles/requirements.yml

---
roles:
  - name: subuid_subgid
    version: main
    src: git@github.com:rwxd/ansible-role-subuid_subgid.git
    scm: git

ansible.cfg

[defaults]
roles_path=./roles

Get requirements with ansible-galaxy role install -r roles/requirements.yml

Usage

A subid_users variable is required e.g.:

- name: Set users
  set_fact:
    subid_users:
      - peter
      - james

- name: Generate subuids & subgids
  include_role:
    name: subuid_subgid

/etc/subuid will contain

peter:65929216:65536
james:65470464:65536

/etc/subgid will contain

peter:65929216:65536
james:65470464:65536

Configure the size of the bitshift

UID's can be not larger than 2^32. So if you have large UID's you may want to use a smaller bitshift. https://wiki.gentoo.org/wiki/Subuid_subgid https://bit-calculator.com/bit-shift-calculator

- name: Generate subuids & subgids
  include_role:
    name: subuid_subgid
  vars:
    subuid_bitshift: 16
    subgid_bitshift: 16