How to logrotate the official nginx Docker image running under podman

0 votes
1 answer
838 views
I started the official nginx image in podman under root with the command:

    sudo podman run --name nginx \
      ... \
      -v /var/log/nginx:/var/log/nginx \
      docker.io/library/nginx:latest

Logging works OK, but when I try to logrotate on the host machine with all configurations taken from the internet, it fails, for example this one:

    /var/log/nginx/*.log {
        hourly
        missingok
        rotate 24
        compress
        delaycompress
        notifempty
        su root root
        create 0644
        sharedscripts
        postrotate
            podman exec nginx /bin/bash reset_log.sh
        endscript
    }

The reset_log.sh script contains the well-known command to start a new log, and it works as expected if I log into the container and run it manually:

    # Signal the nginx master process to reopen its log files
    kill -USR1 `cat /var/run/nginx.pid`

But all this does not work together as expected: logging continues to the access.log.1 file, or there is no logging at all. I tried variants without 'su root root' and without 'create ..', with no success.

Update: it seems there is a permission issue; it needs more investigation. The manually forced command logrotate -f -v /etc/logrotate.conf works as expected. No SELinux or AppArmor is installed on the host (Arch Linux).

    systemd: Starting Rotate log files...
    conmon: conmon 32834b35446220b4e6d4 : runtime stderr: setns mnt: Operation not permitted fail startup
    conmon: conmon 32834b35446220b4e6d4 : Failed to create container: exit status 1
    logrotate: Error: crun: setns mnt: Operation not permitted: OCI permission denied
    logrotate: error: error running shared postrotate script for '/var/log/nginx/*.log '
    systemd: logrotate.service: Main process exited, code=exited, status=1/FAILURE
    systemd: logrotate.service: Failed with result 'exit-code'.
    systemd: Failed to start Rotate log files.
Asked by Almaz (163 rep)
Mar 31, 2024, 08:53 AM
Last activity: Mar 31, 2024, 01:49 PM