
Commit 9c4dbb1

committed
Fix: Rootless Podman-in-Podman on WSL
Fixes: #27411

## pkg/machine/wsl/declares.go

Adjust SUB_UID and SUB_GID ranges to support running rootless Podman inside a rootless run Podman container.

By default, a new user is assigned the following sub-ID ranges:

SUB_UID_MIN=100000, SUB_GID_MIN=100000, SUB_UID_COUNT=65536, SUB_GID_COUNT=65536

This means the user's sub-UID and sub-GID ranges are 100000–165535.

When the container is run rootless with the user defined below, ID mappings occur as follows:

- Container ID 0 (root) maps to user ID 1000 on the host (which is the user created below).
- Container IDs 1–65536 map to IDs 100000–165535 on host (the subid range previously mentioned).

If a new user is created inside this container (to build containers for example), it will attempt to use the default sub-ID range (100000–165535). However, this exceeds the container's available ID mapping, since only IDs up to 65536 are mapped. This causes nested rootless Podman to fail.

To enable container-in-container builds, the sub-ID ranges for the user must be large enough to provide at least 65536 usable IDs. A minimum SUB_UID_COUNT and SUB_GID_COUNT of 165536 is required, but 200000 is used here to provide additional margin.

Signed-off-by: dvorst <[email protected]>
1 parent 87b16eb commit 9c4dbb1
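The ID-mapping argument in the commit message, as an added worked check (not Podman code, not the author's): it builds the uid_map a rootless container gets from the host user's sub-ID range and reports the first inner sub-ID that has no host mapping. The host uid (1000), sub-ID start (100000) and the inner user's default range come from the commit message; the `/etc/subuid` and `uid_map` text is constructed.

```python
"""Check whether a nested rootless user's sub-ID range fits inside the outer
container's uid_map. Illustration of the commit's reasoning, not Podman code;
uid 1000, sub-ID start 100000 and the inner default range come from the
commit message, all file contents below are constructed."""


def parse_uid_map(text):
    """Parse /proc/<pid>/uid_map-style rows: 'inside_start outside_start count'."""
    rows = [line.split() for line in text.strip().splitlines()]
    return [(int(i), int(o), int(n)) for i, o, n in rows]


def parse_subuid(text, user):
    """Return (start, count) entries for `user` from /etc/subuid-style lines."""
    out = []
    for line in text.strip().splitlines():
        name, start, count = line.split(":")
        if name == user:
            out.append((int(start), int(count)))
    return out


def first_unmapped(start, count, uid_map):
    """First ID in [start, start+count) covered by no uid_map row, or None."""
    cur, end = start, start + count
    for inner, _host, n in sorted(uid_map):
        if cur >= end:
            break
        if inner > cur:  # hole before this row begins
            return cur
        cur = max(cur, inner + n)
    return None if cur >= end else cur


def container_uid_map(host_uid, subuid_start, subuid_count):
    """Mapping rootless Podman gives the outer container: 0 -> host uid,
    1.. -> the host user's sub-ID range (uid_map row format)."""
    return [(0, host_uid, 1), (1, subuid_start, subuid_count)]


def nested_rootless_unmapped(sub_uid_count, inner_start=100000, inner_count=65536):
    """Simulate the commit's scenario for one SUB_UID_COUNT on the WSL host: the
    host user (uid 1000) gets sub-IDs from 100000, and a user created inside the
    container gets the default 100000..165535 range. Returns the first inner
    sub-ID with no host mapping, or None when the whole range fits."""
    subuid_line = f"user:100000:{sub_uid_count}\n"  # constructed /etc/subuid row
    start, count = parse_subuid(subuid_line, "user")[0]
    uid_map = container_uid_map(1000, start, count)
    return first_unmapped(inner_start, inner_count, uid_map)
```

With the default count of 65536 the inner range is unmapped from its very first ID (100000); with the patched 200000 it fits entirely.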

File tree

1 file changed

+2
-0
lines changed


pkg/machine/wsl/declares.go

Lines changed: 2 additions & 0 deletions
@@ -38,6 +38,8 @@ ln -fs /dev/null /etc/systemd/system/console-getty.service
3838
ln -fs /dev/null /etc/systemd/system/systemd-oomd.socket
3939
mkdir -p /etc/systemd/system/systemd-sysusers.service.d/
4040
echo CREATE_MAIL_SPOOL=no >> /etc/default/useradd
41+
sed -ir 's/SUB_UID_COUNT.*/SUB_UID_COUNT 200000/' /etc/login.defs
42+
sed -ir 's/SUB_GID_COUNT.*/SUB_GID_COUNT 200000/' /etc/login.defs
4143
adduser -m [USER] -G wheel
4244
mkdir -p /home/[USER]/.config/systemd/[USER]/
4345
chown [USER]:[USER] /home/[USER]/.config
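Review bot: `sed -ir` on the two added lines is not `-i` plus `-r`: GNU sed parses `-i[SUFFIX]` with the suffix attached, so `-ir` edits in place and leaves a backup file `/etc/login.defsr` behind while extended-regex mode is never enabled. The patterns need no extended syntax, so `sed -i 's/SUB_UID_COUNT.*/SUB_UID_COUNT 200000/' /etc/login.defs` (or `sed -i -E` if that was intended) is the right form. Separately, the substitution silently does nothing if `/etc/login.defs` has no `SUB_UID_COUNT` line, and a commented `#SUB_UID_COUNT` line would be rewritten but stay commented, in which case the `adduser -m [USER] -G wheel` that follows still gets the default 65536 range the commit message says breaks nested rootless Podman; consider anchoring the pattern with `^` and appending the key when it is absent, e.g. `grep -q '^SUB_UID_COUNT' /etc/login.defs || echo 'SUB_UID_COUNT 200000' >> /etc/login.defs`, and the same for `SUB_GID_COUNT`.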
