Asahi Linux Apple M1 - System doesn't have a functional idmap setup (Fedora 43)

1

I am struggling to launch a container.

sudo incus launch images:alpine/3.23

Message:

Error: Failed instance creation: Failed creating instance record: Failed initializing instance: System doesn't have a functional idmap setup

As I am not familiar with Fedora it didn’t help to just install uidmap as it is not present. Is there another solution?

2

Incus is the primary reason I discarded Fedora for Asahi when I was running it on my M1 device.

If you are not super-tied to Fedora, you may want to consider Ubuntu or my personal favourite, Debian.

Asahi Linux M1 - struggling with VMs
3

Oh didn’t notice the link to the solution :slight_smile:

4

Do you know how to figure out which kernel version is used without installing?

5

I know they are recent enough for everything I need to function well.
I can’t recall precisely but I know it is the same as the kernel version in the regular versions of the distros.

6

Not sure if your issue is specific to the M1 chip as I had similar problems on Intel x86_64 on Fedora 43.

It seems that the root user does not have default subuid and subgid ranges and these are needed to start the container or VM.

However using this command:

echo “root:1000000:1000000000” | sudo tee -a /etc/subuid /etc/subgid

fixed the issue for me.

Documentation

7

The M1 seems to work perfectly fine with Incus no matter container/VM. But some distribution have Issues. The fix you mentioned fixes the container side of Incus. VMs can still be a problem. But VMs do work (as Abiola mentioned) on Debian 13 and Ubuntu 24.04 so hopefully someone figures out how to fix that one for Fedora and Arch Linux.

8

In case someone else is having problems using Incus on Fedora and ends up on this thread as I did, there are three small issues currently.

  1. LXC containers need the subuid and subgid fix described in post #6.
  2. For a VM, you need to additionally install the qemu-audio-spicepackage which is not listed in the dependencies as I feel it should be. I’ve submitted a pull request for this. Without it, a VM will not boot.
  3. The incus-agentbinary shipped from the Fedora repos is broken. I understand that there is an issue in their Go toolchain.This means that although you can now start a VM, you can’t shell into it. This binary can be directly replaced with one form the Incus project Github by running the command below:
sudo curl -L -o /usr/bin/incus-agent https://github.com/lxc/incus/releases/latest/download/bin.linux.incus-agent.x86_64

After this, I believe everything will work as expected.