📖 ~1 min read
Table of contents
Symptom & Impact
Rootless podman fails to start container
Environment & Reproduction
/etc/subuid or /etc/subgid lacks range for user on CS9.
Root Cause Analysis
newuidmap rejects mapping due to missing or duplicate subordinate UID range.
Quick Triage
podman info reports errors, and getsubids shows nothing.
Step-by-Step Diagnosis
Run: grep /etc/subuid /etc/subgid; podman system migrate.
Solution – Primary Fix
sudo usermod –add-subuids 100000-165535 –add-subgids 100000-165535 .
Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.
Solution – Alternative Approaches
Enable lingering and use rootful podman if rootless is not required.
Verification & Acceptance Criteria
podman run –rm hello-world succeeds without errors.
Rollback Plan
Remove subuid entries with usermod –del-subuids and revert.
Prevention & Hardening
Document subuid allocation policy and provision via Ansible.
Related Errors & Cross-Refs
Pairs with cannot create user namespace and newuidmap errors.
Related tutorial: View the step-by-step tutorial for centos-stream-9.
View all centos-stream-9 tutorials on the Tutorials Hub →
Browse all common problems & solutions on the Tutorials Hub.
References & Further Reading
subuid(5) and podman rootless tutorial.
Need Expert Help?
If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.
