I am moving from Docker to rootless podman and one thing that’s surprising to me is that podman can create files that my user is, seemingly, not allowed to even read, so I need root to backup them.
For example, this one created by the postgres service of immich:
-rw-------. 1 525286 525286 1.6K Oct 2 20:16 /var/home/railcar/immich/postgres/pg_stat_tmp/global.stat
Is this expected in general (not for immich in particular)? Is there a single solution to solve this of does it have to be built in the images? It really feels wrong that I can start a container that will create files I am not allowed to even read.
Ah, in that case you will probably need to go into the container to do the backup. I avoid mounted volumes.