Setting up subuid and subgid ranges with rootless-podman-service

I have followed the example setup in the latest Guix manual for the rootless-podman-service setup. I am getting this message when reconfiguring:

making ‘/var/guix/profiles/system-22-link’ the current system…
populating /etc from /gnu/store/pfwv8lddz58xdncvq5b4xiqxiljai062-etc…
setting up privileged programs in ‘/run/privileged/bin’…
#<&invalid-subid-range-error range: #< name: “jesse” start: 10000 count: 65535>>

My setup looks like this:

(services (append (list
;; ...
;; Services for podman ___________________________________________
(service dbus-root-service-type)
(service elogind-service-type)
(service iptables-service-type
(iptables-configuration
(ipv4-rules (plain-file “iptables.rules” %iptables-rules)
)))
(service rootless-podman-service-type
(rootless-podman-configuration
(subgids
(list (subid-range (name “jesse”))))
(subuids
(list (subid-range (name “jesse”)))))))
%base-services)))

I’m actually trying to troubleshoot a weird situation where after doing a system reconfigure with this setup all of these services run (iptables, elogind, etc). However when I reboot, my current profile is pointing to an old one not the one that is reported to be getting activated during the system reconfigure. This is the only error message I see and was thinking maybe it is causing an issue.

Does this error message mean anything?

Did you also update your user config? I don’t see it in the config you provided. Your user needs to be in cgroup group, I think.

See: Podman on guix (rootless-podman-service-type) - #6 by wegei8

Yep I have that:

   (user-account
    (name "jesse")
    (comment "Administrator")
    (group "users")
    (supplementary-groups '("wheel"
                            "audio" "video"
                            "netdev" "cgroup" )))

I think I have this figured out over here: Guix Generation Persistence - #9 by moonling