On 18/02/2021 12:51, Daniel Walsh wrote:
> This should be the same, but the container you create within the pod
> will need the annotation.

Thank you for your reply.
I don't seem to have had any luck with this. Creating as follows:
`podman create --name windowsnoob-fpm --annotation
run.oci.keep_original_groups=1 --pod windowsnoob -v
/var/www/html/websites/windows:/var/www/html/websites/windows:Z,noexec,nodev,rw
windowsnoob-fpm`
still leaves me with root:nobody ownership in the container.
The annotation does appear if I `podman inspect` the created container.
(I'm less concerned about group membership here, as the directory on the
host is owned by the user creating this container -- it's just that I'd
like the ownership of the mounted volume inside the container to also be
a non-root user; the `oci.keep_original_groups` solution did work to
achieve this in the `podman run` scenario.)
Peter Upfold