[bdhcuidbebe]

systemd runs as root yes, but services started by systemd dont unless you instruct them to.

that means your podman containers dont run as root unless you want them to.

mine runs as user services

[windexh8er]

I don't see your point. This is exactly how Docker works. Containers that are running when instantiated from the Docker daemon don't need to be run as root. But you can... Just like your containers started from SystemD (quadlet).

I run all my containers, when using Docker, as non-root. So where is the upside other than where your trust lies?

[bdhcuidbebe]

> So where is the upside other than where your trust lies?

The upside is political rather than technical, in that Docker signalef multiple times before they happily will pull the rug for developers.

Moving away from that is the driving motivation for using podman. The fact that podman happens to be better engineered is just added bonus.