Can the idmap.base be set to another value without idmap.isolated enabled?
The reason for the question is:
In our company people can get ids above 1000000 from centrify and than they are not able to start a container with id mapping activated.
Setting security.idmap.base=5000000 combined with security.idmap.isolated=true should indeed do what you want and is really no different than LXD having a different base uid/gid though maybe also bump security.idmap.size to something larger than the default 65536 if that’s useful to you.
But having two or more containers writing to shared folders is than not possible - right? Or is this not a problem?
So long as they have the same security.idmap.base, they’ll be using the same map.