On 2019-06-17 16:22, Eric Gustavsson wrote:
Thanks for the quick responses!

I tried running without --user, got the same error with permission denied
to touch the data/ directory

$ podman run -d --name bitwarden -e ROCKET_PORT=8080 -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest

With the --userns=keep-id I do get the 1000:1000 on the folder and the
container runs as it, but also there I get permission denied.

$ podman run -d --userns=keep-id --name bitwarden -e ROCKET_PORT=8080 -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest

If I tried this to see it inside the container:

$ podman run -ti --name bitwarden --rm --userns=keep-id -e [ROCKET_PORT=8080,ENABLE_DB_WAL=false] -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest /bin/bash
1000@7253b86a0681:/$ touch /data/test
touch: cannot touch '/data/test': Permission denied
1000@7253b86a0681:/$ ls -l | grep data
drwxrwxrwx. 2 1000 1000 4096 Jun 13 16:57 data

Thanks,
Eric Gustavsson
Associate Software Engineer
Red Hat <https://www.redhat.com>

Sounds like SELinux.
Try running the container with `--security-opt label=disable` - that
should let you access the folder on the host without issue.
Thanks,
Matt Heon

On Mon, 17 Jun 2019 at 16:12, James Cassell <fedoraproject(a)cyberpear.com> wrote:
> On Mon, Jun 17, 2019, at 9:53 AM, Eric Gustavsson wrote:
> > Hi all,
> >
> > I got a bit of an issue trying to spin up a container with a volume
> > mounted to the container's /data directory. Got a related issue here
> > but I believe I'm just missing out on something Podman specific
> >
> > https://github.com/dani-garcia/bitwarden_rs/issues/506
> >
> > When I run this command and mount /bw-data to container's /data the
> > bitwardenrs image can't write to it.
> > podman run -d --user 1001 --name bitwarden -e [ROCKET_PORT=8080,ENABLE_DB_WAL=false] -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest
> >
> > Inside the container the /data directory is assigned to root, outside
> > the container /bw-data has 0777 permissions and belongs to myself (user
> > 1001).
> >
> > Am I missing something?
>
> With rootless containers, the root uid inside the container is the regular
> uid outside of the container. Use `--userns=keep-uid` to see your user
> mapped as the same uid inside and out.
>
> V/r,
> James Cassell
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
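
The triage this thread walks through, as an added example (not code from any poster or from Podman): a directory that is mode 0777 and owned by the running uid yet still refuses writes points away from ownership and toward the SELinux label. The function names and the sample context string are hypothetical, and the check assumes the stock container policy in which container processes may write `container_file_t` content.

```shell
#!/bin/sh
# Added example. Sample inputs are constructed unless noted otherwise.

# dac_allows_write LS_LINE UID GID
# Exit 0 if the classic mode bits in one `ls -ln` line grant write to UID/GID.
# Simplification: supplementary groups and ACLs are ignored.
dac_allows_write() {
    line=$1 uid=$2 gid=$3
    set -- $line                      # fields: mode links owner group ...
    mode=$1 owner=$3 group=$4
    if [ "$uid" = "$owner" ]; then pos=3      # owner write bit
    elif [ "$gid" = "$group" ]; then pos=6    # group write bit
    else pos=9                                # other write bit
    fi
    [ "$(printf '%s' "$mode" | cut -c"$pos")" = w ]
}

# context_type CONTEXT: print the type field of user:role:type:level.
context_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# triage LS_LINE UID GID HOST_CONTEXT
# Call after a write was denied. Prints:
#   dac      mode bits or ownership explain the denial
#   selinux  mode bits allow the write and the label is not container_file_t
#   other    neither check explains it
triage() {
    if ! dac_allows_write "$1" "$2" "$3"; then
        echo dac
        return 0
    fi
    case $(context_type "$4") in
        container_file_t) echo other ;;
        *) echo selinux ;;
    esac
}

# The `ls -l` line posted in the thread from inside the container (uid 1000).
THREAD_LS='drwxrwxrwx. 2 1000 1000 4096 Jun 13 16:57 data'
# Constructed: a typical label for a directory under /home, in the form
# `ls -Zd` prints on the host. The thread does not show the real label.
SAMPLE_CTX='unconfined_u:object_r:user_home_t:s0'

triage "$THREAD_LS" 1000 1000 "$SAMPLE_CTX"
```

On a real host, pass the `ls -lnd` line seen inside the container and the context that `ls -Zd` reports for the host path.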