Podman cannot pull container images with "potentially insufficient UIDs or GIDs available in user namespace"

Solution Verified - Updated -

Issue

  • Running podman pull <IMAGE>:<IMAGETAG> as a rootless user can't pull certain container images.

  • After pulling certain container images, the following error is shown

    Error: writing blob: adding layer with blob "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx": processing tar file(potentially insufficient UIDs or GIDs available in user namespace (requested <UID>:<GID> for /<PATH> ): Check /etc/subuid and /etc/subgid if configured locally and run podman-system-migrate: lchown /<PATH>: invalid argument): exit status 1

  • The image is not saved locally afterward as podman images reports no such images downloaded:

    [myuser@my-rhel ~] $ podman images
[myuser@my-rhel ~] $

Environment

  • Red Hat Enterprise Linux (RHEL)
    • 7
    • 8
    • 9
  • Rootless podman
  • The issue may be present on certain container images, but not others.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content