Bitbucket Cloud build fails due to error: “Container ID Cannot Be Mapped to Host ID Error”

Platform Notice: Cloud Only - This article only applies to Atlassian products on the cloud platform.

Summary

As a part of the ongoing security hardening process in Bitbucket Pipelines, we decided to enable docker userns remap to eliminate potential security risks that might affect our users.

Source: Changes to make your containers more secure on Bitbucket Pipelines - Atlassian Community

The following is one of the errors that you will see once we enforce the “userns” security feature:

1 Error: Container ID 166537 cannot be mapped to a host ID

Solution

Cause 1

The configured User in the docker image is not within the "userns" range(0-65535).

Solution 1

You need to fix your docker image or use a different 'userns" range within the acceptable range for this scenario.

Cause 2

Docker cannot read/write files owned by uid/gid outside of the 0-65535 range.

Solution 2

You must update the ownership of the files using the command below before running the docker commands:

1 2 3 “chown -R <uid-in-range>:<gid-in-range> filename“ eg. “chown -R 165536:165536 $BITBUCKET_CLONE_DIR” (!) which will change to ownership to DinD’s root userid(165536)
Updated on March 20, 2025
Platform
Cloud only
Product
Bitbucket Cloud
On this pageSummarySolution

Still need help?

The Atlassian Community is here for you.
Ask the Community