After reading a lot of Dan Walsh's articles on the matter, for the first time in my life I feel like I understand #containers, #podman, #docker, #rootful and #rootless, and how they differ in Docker vs. Podman. Which just means I misunderstood enough to be dangerous.
(tbf, I come from a probably not-so-common perspective of having had an okayish grasp of user namespaces but not grokking podman.)
Also, in case you forget to use those flags, you can commit the current state of your container into an image and create a new container that is rootful and has an init system by following the instructions here:
https://distrobox.privatedns.org/useful_tips.html#container-save-and-restore
(You don’t have to save the image to disk unless you want to back it up. Which is not a bad idea, really.)
#silverblue #fedora #systemd #init #rootful #distrobox