9:09 p.m.
On 4/25/22 12:47, Daniel Walsh wrote:
On 4/24/22 18:36, R C wrote:
> Hello,
>
>
> I built a container that mounts the /home directy (it has one
> unprivileged user).
>
> (I used buildah and podman on that unprivileged account, using rhel8)
>
> However when I connect to the container, I see that the unprivileged
> user's home directory is owned by root.
>
>
> any idea why that would be, I am probably missing something
>
> thanks,
>
>
> Ron
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io
Please show the actually podman command you are executing to see this
issue, also give the output of podman info
I probably have to change something with namespaces or so:
$ podman run -it --rm --name=home-fs -v $HOME:$HOME -v /mnt:/mnt -u
myuid localhost/home-fs
bash: /home/myuid/.bashrc: Permission denied
bash-4.4$
[rocr@containers ~]$ podman run -it --rm --name=home-fs -v $HOME:$HOME
-v /mnt:/mnt localhost/home-fs
[root@b82256bb2424 myuid]#
this is after executing it with -u myuid:
$ podman info
host:
arch: amd64
buildahVersion: 1.23.1
cgroupControllers: []
cgroupManager: cgroupfs
cgroupVersion: v1
conmon:
package: conmon-2.0.32-1.module+el8.5.0+13852+150547f7.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.32, commit:
4b12bce835c3f8acc006a43620dd955a6a73bae0'
cpus: 24
distribution:
distribution: '"rhel"'
version: "8.5"
eventLogger: file
hostname: containers
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 4.18.0-348.20.1.el8_5.x86_64
linkmode: dynamic
logDriver: k8s-file
memFree: 74891894784
memTotal: 75708719104
ociRuntime:
name: runc
package: runc-1.0.3-1.module+el8.5.0+13556+7f055e70.x86_64
path: /usr/bin/runc
version: |-
runc version 1.0.3
spec: 1.0.2-dev
go: go1.16.7
libseccomp: 2.5.1
os: linux
remoteSocket:
path: /run/user/1000/podman/podman.sock
security:
apparmorEnabled: false
capabilities:
CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: true
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64
version: |-
slirp4netns version 1.1.8
commit: d361001f495417b880f20329121e3aa431a8f90f
libslirp: 4.4.0
SLIRP_CONFIG_VERSION_MAX: 3
libseccomp: 2.5.1
swapFree: 4294963200
swapTotal: 4294963200
uptime: 5m 27.58s
plugins:
log:
- k8s-file
- none
- journald
network:
- bridge
- macvlan
volume:
- local
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /home/myuid/.config/containers/storage.conf
containerStore:
number: 1
paused: 0
running: 0
stopped: 1
graphDriverName: overlay
graphOptions: {}
graphRoot: /home/myuid/.local/share/containers/storage
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "true"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 3
runRoot: /run/user/1000/containers
volumePath: /home/myuid/.local/share/containers/storage/volumes
version:
APIVersion: 3.4.2
Built: 1642068949
BuiltTime: Thu Jan 13 03:15:49 2022
GitCommit: ""
GoVersion: go1.16.7
OsArch: linux/amd64
Version: 3.4.2
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
> To unsubscribe send an email to podman-leave(a)lists.podman.io