Should we really recommend vscode + podman as supported?

the lines I had to add to my devcontainer.json where:

"runArgs": [
		"--userns=keep-id",
		"--security-opt=label=disable"
	  ],
"containerEnv": {
		"HOME": "/home/vscode"
	},

this for the default rust devcontainer image.

The default “try devcontainer sample” fails because of the lack of docker.socket .

The default file generated by the default “add devcontainer conf file” will fail because of some root user mismatch. if we run as root , then we get permission denied on the mounted workspace and the files are not accessible.

The “new devcontainer” command fails with the same problem

setting “keep-id” and forcing the devcontainer to use the non root user from the image solved the “boot without root” problem, but the workspace is still not acessible because of selinux.

All of that I found after jumping through several half solved github :confused: . There are other possibilities to solve the problem that involve mounting the workspace manually inside your devcontainer, using the “Z” (which will relabel the files in your workspace), forcing everything to run as root , …

The experience to understand (and solve) is confusing and quite frustrating. It’s easy to do the wrong thing if we don’t understand the pieces involved, and is not that hard to end with a scenario that “kinda works”, but will reloabel your files, or change their permission

I’m don’t believe a regular “devcontainer.json” from a public project will work inside podman without change.

I would not recommend that as a “paved road” for someone that just wanna "have things works"™ .

Docker seems to be the “no friction” option for now and it would be better to recommend that instead of podman.

Edit: adding some references where I found those configurations