Podman rootless container launched by user A, volume owned by B

[maxime-gerum]

I have a use case that I can't solve:

UserA:
podman run -it -v /path/test:/test ImageLaunchedWithUserB

• UserB exist on host
• /path/test/ owned by UserB

Expected:

• In container: touch /test/test.txt owned by UserB
• In host: /path/test/test.txt owned by UserB and must be accessible by this user

I have already tried many things like 'keep-id' flags, same uid/gid in user image but I always get "nobody:nogroup".
Also tested unshare command with UserB: Own the right UserB in container and I can create some files but in host, the owner becomes 'containerUserBSubUid' and it's not what I expect (Ideally I should not touch the host rights)

I probably missed some subtlety or parameter that would allow me to do this. Thanks all

[rhatdan]

podman unshare is going to map UserB UID to root within the user namespace
podman run --user=keep-id is going to map UserB UID to UserB UID within the user namespace.

That file in any other container not created with UserB UserNamespace is going to be treated as "nobody:nogroup".
Unless the UID:GID of the file on disk is mapped into the user namespace of the container that is looking at it.

[maxime-gerum]

Thanks @rhatdan it really got me unstuck :)