Hacker News
by jtreminio 1406 days ago
Not a Podman or Docker-specific question/complaint, but is anyone working on a solution around UID/GID remapping between container and host? Not the "solution" offered by user namespaces, because those can only do a 1:1 remap, but an "anything any user writes inside the container is owned by the host user".

In other words, if host UID 1000 runs a container that has UID 100, 101, 102 and they all write files to a mounted volume, it would be great if all file writes were attributed to the host UID of 1000.

Instead, if user namespaces are configured correctly, they would be attributed to UID 1000, 1001, 1002 on the host.

2 comments

fuse-overlayfs has some support for this, but it is fairly experimental. Basically it allows mapping of all files to a single UID, and then stores container owners/permissions in xattrs. When fuse-overlayfs exposes the image to the container process it exposes the xattr user/group and permissions.

You can use ACLs for this.
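An added example, not part of this thread and not code from Podman, Docker or the kernel: a small Python model of how a user namespace translates UIDs through the `inside outside count` lines of `/proc/<pid>/uid_map`. The sample maps are constructed for the example; `ROOTLESS_MAP` follows the usual rootless Podman layout (container root is the host user, everything else comes from a subuid range starting at 100000, an assumed value), `SHIFTED_MAP` is the 1:1 layout the post describes, and `COLLAPSED_MAP` is the map that "everything owned by host UID 1000" would require. The kernel refuses maps whose inside or outside ranges overlap, which is why the last one cannot be loaded and why the translation is always one-to-one.

```python
"""Work through user-namespace UID mapping the way the kernel applies it.

Each line of /proc/<pid>/uid_map (and gid_map) reads:
    <first id inside the namespace> <first id outside (host)> <count>
Ids are translated by offset within a range, so every mapped container UID
lands on a distinct host UID.  Sample maps below are constructed for this
example and are not copied from any real host.
"""
from dataclasses import dataclass
from typing import List, Optional

OVERFLOW_UID = 65534  # kernel.overflowuid default: what an unmapped id is shown as


@dataclass(frozen=True)
class MapEntry:
    inside: int   # first id inside the namespace
    outside: int  # first id on the host
    count: int    # length of the range


def _overlaps(a_start: int, a_len: int, b_start: int, b_len: int) -> bool:
    return a_start < b_start + b_len and b_start < a_start + a_len


def parse_uid_map(text: str) -> List[MapEntry]:
    """Parse uid_map text, applying the kernel's validity rules.

    Raises ValueError for malformed lines and for ranges that overlap on
    either side; the kernel rejects such a map, which is exactly why a user
    namespace cannot send several container UIDs to a single host UID.
    """
    entries: List[MapEntry] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        inside, outside, count = (int(p) for p in parts)
        if inside < 0 or outside < 0 or count <= 0:
            raise ValueError(f"invalid range in uid_map line: {line!r}")
        new = MapEntry(inside, outside, count)
        for old in entries:
            if _overlaps(old.inside, old.count, new.inside, new.count):
                raise ValueError(f"inside ranges overlap: {old} vs {new}")
            if _overlaps(old.outside, old.count, new.outside, new.count):
                raise ValueError(f"outside ranges overlap: {old} vs {new}")
        entries.append(new)
    return entries


def to_host(entries: List[MapEntry], container_uid: int) -> Optional[int]:
    """Host UID that owns a file written by container_uid, or None if unmapped
    (a process inside the namespace cannot run as an unmapped uid at all)."""
    for e in entries:
        if e.inside <= container_uid < e.inside + e.count:
            return e.outside + (container_uid - e.inside)
    return None


def to_container(entries: List[MapEntry], host_uid: int) -> Optional[int]:
    """Inverse direction: the uid the container sees for a host-owned file, or None."""
    for e in entries:
        if e.outside <= host_uid < e.outside + e.count:
            return e.inside + (host_uid - e.outside)
    return None


def owner_as_seen_in_container(entries: List[MapEntry], host_uid: int) -> int:
    """What `ls -n` inside the container shows for a file owned by host_uid.

    Unmapped host owners (for example root-owned files under a rootless
    container) appear as the overflow uid, i.e. 'nobody'."""
    mapped = to_container(entries, host_uid)
    return OVERFLOW_UID if mapped is None else mapped


# Constructed sample maps.
ROOTLESS_MAP = "0 1000 1\n1 100000 65536\n"   # container root -> host 1000, rest -> assumed subuid range
SHIFTED_MAP = "100 1000 3\n"                  # the 1:1 layout the post describes: 100..102 -> 1000..1002
COLLAPSED_MAP = "100 1000 1\n101 1000 1\n102 1000 1\n"  # "all owned by 1000": rejected, outside ranges overlap


if __name__ == "__main__":
    for name, text in (("rootless", ROOTLESS_MAP), ("shifted", SHIFTED_MAP)):
        entries = parse_uid_map(text)
        print(name, [(uid, to_host(entries, uid)) for uid in (0, 100, 101, 102)])
    print("host root seen in rootless container as",
          owner_as_seen_in_container(parse_uid_map(ROOTLESS_MAP), 0))
    try:
        parse_uid_map(COLLAPSED_MAP)
    except ValueError as err:
        print("collapsed map rejected:", err)
```

Running it shows the two behaviours the post contrasts: under the rootless map, container UIDs 100, 101 and 102 write files owned by host UIDs 100099, 100100 and 100101, and host-root-owned files appear inside the container as 65534; under the shifted map they land on 1000, 1001 and 1002; the collapsed map never loads.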