Make devcontainers work on Fedora with SELinux / rootless podman

Last changed: Fri, 24 Jan 2025 14:56:29 CET
Change ID: ac968a78eeb73edecc0f3067d7c6bc2c532bc3a2

I needed to add the following to my .devcontainer.json to get it going:

  "runArgs": [
    "--userns=keep-id:uid=1000,gid=1000",
    "--security-opt=label=disable"
  ],
  "containerUser": "vscode",

(Assuming your user ID is 1000. Find it by running id in a terminal)

Here’s a complete example which patched the auto-generated devcontainer file created by devenv.sh:

{
  "customizations": {
    "vscode": {
      "extensions": ["mkhl.direnv"]
    }
  },
  "image": "ghcr.io/cachix/devenv:latest",
  "overrideCommand": false,
  "updateContentCommand": "devenv test",
  "runArgs": [
    "--userns=keep-id:uid=1000,gid=1000",
    "--security-opt=label=disable"
  ],
  "containerUser": "vscode",
  "updateRemoteUserUID": true
}

References

Making Visual Studio Code devcontainerwork properly on rootless Podman
microsoft/vscode-remote-release#1333: Support SELinux enabled systems