From 1c1bd57c921947861b648ef27a8f5ce33f921d70 Mon Sep 17 00:00:00 2001
From: xiaohei <3440556848@qq.com>
Date: Sun, 16 Feb 2025 07:52:29 +0800
Subject: [PATCH] =?UTF-8?q?=E5=B0=9D=E8=AF=95=E5=88=9B=E5=BB=BA=E9=9D=9E?=
 =?UTF-8?q?=E7=89=B9=E6=9D=83=E7=94=A8=E6=88=B7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitea/workflows/docker-build.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/.gitea/workflows/docker-build.yml b/.gitea/workflows/docker-build.yml
index e489da3..f5575b0 100644
--- a/.gitea/workflows/docker-build.yml
+++ b/.gitea/workflows/docker-build.yml
@@ -27,6 +27,18 @@ jobs:
       - name: install podman
         run: apt update && apt install podman -y
 
+      - name: 创建非特权用户
+        run: |
+          # 2. 创建用户 (如果需要)
+          adduser podmanuser
+          
+          # 3. 配置 subuid/subgid
+          echo "podmanuser:100000:65536" >> /etc/subuid
+          echo "podmanuser:100000:65536" >> /etc/subgid
+
+          # 4. 切换到非 root 用户
+          su - podmanuser
+
       - uses: redhat-actions/buildah-build@v2
         with:
           image: my-new-image
@@ -34,6 +46,9 @@ jobs:
           dockerfiles: |
             ./Dockerfile
 
+
+
+
       # - name: Print to Log
       #   id: print-to-log
       #   uses: ./