podman

podmon is used to run container as non-root user.

loginctl enable-linger webuser
loginctl user-status webuser


mkdir -p config/systemd/user/

podman run -d --cap-add CAP_NET_BIND_SERVICE --net=host  --name nginx

podman generate systemd --files --name nginx

cp container-nginx.service .config/systemd/user/

systemctl --user enable nginx.service
 
systemctl --user stop nginx.service
systemctl --user start nginx.service

Sample Service file

cat nginx.service 
# container-nginx.service
# autogenerated by Podman 1.6.4
# Wed Nov 18 01:18:52 UTC 2020

[Unit]
Description=Podman container-nginx.service
Documentation=man:podman-generate-systemd(1)

[Service]
Restart=on-failure
ExecStart=/usr/bin/podman start nginx
ExecStop=/usr/bin/podman stop -t 10 nginx
KillMode=none
Type=forking
PIDFile=/run/user/1000/overlay-containers/f7418355c4fe2b8c283ba3bed2b3e7daf1f17f8d76caf9a506ebfcb976f994b4/userdata/conmon.pid

[Install]
WantedBy=multi-user.target

Copyright © 2004, Software Groups