PS C:\Arch> .\Arch.exe get --default-uid
1000
[zmezei@jane ~]$ id
uid=1000(zmezei) gid=1000(zmezei) groups=1000(zmezei)
[zmezei@jane ~]$ id zmezei
uid=1000(zmezei) gid=1000(zmezei) groups=1000(zmezei),998(wheel),1001(tfenv)
[zmezei@jane ~]$ ls -l /var/lib/tfenv/versions -d
drwxrwxr-x 3 root tfenv 4096 Jun 7 21:49 /var/lib/tfenv/versions
[zmezei@jane ~]$ touch /var/lib/tfenv/versions/testfile
touch: cannot touch '/var/lib/tfenv/versions/testfile': Permission denied
[zmezei@jane ~]$ sudo su -l zmezei
[zmezei@jane ~]$ id
uid=1000(zmezei) gid=1000(zmezei) groups=1000(zmezei),998(wheel),1001(tfenv)
[zmezei@jane ~]$ id zmezei
uid=1000(zmezei) gid=1000(zmezei) groups=1000(zmezei),998(wheel),1001(tfenv)
[zmezei@jane ~]$ touch /var/lib/tfenv/versions/testfile
[zmezei@jane ~]$
--preserve-credentials
Don't modify UID and GID when enter user namespace. The default is to drops supplementary groups and sets GID and UID to 0.
So it drops supplementary groups by default, and I guess it happens here as well.