• 0 Posts
  • 2 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle
  • This is a consequence of user namespaces, which tripped me up until I read this article from Red Hat about running rootless containers as a non-root user. At that point I got that (the default options) map UID 0 in the container to my UID (i.e. 1000), but the other mappings were confusing.

    The short version of the useful part (for me) of that article was podman unshare (man podman-unshare), which launches a shell in a user namespace, like when you start a container. You can run the following command to see how the UIDs are mapped inside of the namespace:

    $ podman unshare cat /proc/self/uid_map
             0       1000          1
             1     100000      65536
    

    This is read (for this purpose, see man user_namespaces for a more detailed explanation of this) as “inside this namespace, the UIDs in column 1 map to the UID in column 2 on the caller process, for (column 3) IDs”. There is also gid_map which works the same way, but for groups.

    The snippet above is from my machine, so in a podman container, UID 0 maps to UID 1000 on the “host”, which is me, and this is “good” for only 1 user. Then, starting with UID 1, the container maps to UID 100000 in the container, and is good for 65536 UIDs. This is why when you set the PUID and GUID environment variables, on your filesystem you see the files are owned by 100999:100999 - you can use the mapping to figure the math out: 100000+1000-1=100999.

    Since podman unshare puts you in a shell that has the same (? terminology might not be totally right here) user namesapce as your containers, you can use it for lots of stuff – like in your comment you mentioned using chown to change the permissions to 100999:100999. Instead, you could have used podman unshare chown 1000:1000 which have correctly set the permissions for your volume mount, and on your filesystem outside the container, the permissions would be 100999:100999.


  • Another Kobo Libra 2 user here. In addition what other’s have said about wanting to escape Amazon’s reach, its also pretty open as far as these types of devices go. I use Overdrive (Libby) a lot and it’s integration is pretty nice, though it is certainly not hard to use with a Kindle anyways.

    If you like to tinker with your devices, Kobo devices won’t try and stop you from doing so. The following projects give you a lot of customization options to get exactly what you want out of your Kobo:

    • KOReader - This also works with a jailbroken Kindle, though it’s much easier to get going on Kobo. Tons of customization options and has very flexible style overrides and lots of plugins.
    • Plato is another reader application though only supported for Kobo devices. Does not feature as much customization as KOReader, but does more than the stock reader and has a very nice UI.
    • Even if you stick with the stock reader, there are a number of patches you can apply if there are things about the stock software that bug you.