Hey everyone, I’ve been running OpenClaw agents in Docker on my home server for a few months. I kept reading about rootless containers being a big deal for security, so I decided to take the plunge and switch to Podman. It was a bit of a weekend project, but I wanted to share my experience and reasoning.

My main goal was to reduce the attack surface. In Docker, the daemon runs as root, and if something breaks out of the container, it could have root on my host. That scared me a bit, especially as I’m trying to learn more about securing my AI agents. Podman runs containers as my regular user by default, which felt like a safer starting point.

The setup wasn’t too bad. I installed Podman on my Ubuntu server, migrated my Docker Compose setup for my agents using `podman-compose`. The biggest “aha” moment was realizing I didn’t have to mess with a daemon anymore. I can just start containers with my user, and it uses my user’s namespace. It feels more lightweight.

I’m still learning, so I have some questions. Are there any specific Podman features or security flags I should be combining with this rootless mode for my OpenClaw agents? Like, should I always run with `--read-only` or drop all capabilities by default? Also, any gotchas with networking or volume mounts in rootless mode that I should watch out for?

Overall, it feels like a step in the right direction for my little home lab. The peace of mind is worth the slight learning curve.

Ash