From 0a63caf3239778020007b14bd013d419861760e0 Mon Sep 17 00:00:00 2001
From: claude-veilor-bot <279801990+s8n-ru@users.noreply.github.com>
Date: Wed, 6 May 2026 14:07:22 +0100
Subject: [PATCH] ci: add --userns=host to nested Fedora build container

Forgejo runner on nullstone runs against a daemon with
userns-remap=default. addnab/docker-run-action launches the Fedora 43
build container with --privileged, which is incompatible with
userns-remap unless --userns=host is also set.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 .github/workflows/build-iso.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml
index 3704b64..f5e8d20 100644
--- a/.github/workflows/build-iso.yml
+++ b/.github/workflows/build-iso.yml
@@ -55,6 +55,7 @@ jobs:
           image: registry.fedoraproject.org/fedora:43@sha256:72e874e771b953c6357c7a5823c6fc1e3e3253b90121e795febe01380e32269b
           options: |
             --privileged
+            --userns=host
             -v ${{ github.workspace }}:/work
             -v /dev:/dev
             --tmpfs /tmp:rw,nosuid,nodev,exec,size=16G