[Podman] Re: Why does Podman update the "Change" timestamp on files shared between host and guest ?

On 6/28/22 15:27, Jacob Kroon wrote: > On 6/28/22 18:48, Jacob Kroon wrote: >> Hi Daniel, >> >> On 6/28/22 16:23, Daniel Walsh wrote: >>> On 6/28/22 03:15, Jacob Kroon wrote: >>>> Hi, >>>> >>>> I'm using Podman in my build environment. As part of the build I >>>> bind a directory from the host to a directory in the container. >>>> Even though the guest doesn't touch the file in any way, afterwards >>>> I can see that the file's "Change" timestamp has been updated, so I >>>> am assuming it is podman that does this. >>>> >>>> According to >>>> https://unix.stackexchange.com/questions/2464/timestamp-modification-time... >>>> >>>> the "Change" timestamp is described as "the last time meta data of >>>> the file was changed (e.g. permissions)". >>>> >>>> I am wondering what meta data it is that podman changes, and if it >>>> can be avoided somehow ? (Mainly because it tricks git/gitk into >>>> thinking something might have changed). >>>> >> >> [cut] >> >>> >>> Could you mount the volume :ro inside of the container and see if >>> the same thing happens? >>> >> >> Yup, same thing happens even if I mount it with :ro. >> >>> If it still happens, then we know it is Podman making the change as >>> opposed to the processes inside of the container. >>> >>> You could also  bind mount the volume readonly on itself, before >>> using podman to see if podman throws an error. >> >> I haven't tried this, let me know if this would be of help and I will >> give it a shot. >> > > I ran it through strace and grepped for a dummy file "foobar" that I > created and got this: > >> [pid  2886] lsetxattr("/home/jkroon/Projects/foobar-linux/foobar", >> "security.selinux", "system_u:object_r:container_file"..., 37, 0 >> <unfinished ...> > > I'll try to see if I can figure out how to get gdb to break on > lsetxattr() with that argument. > > My host is an up2date Fedora 36. > > Also, I'm using --userns=keep-id in case that matters. > > Regards > Jacob > _______________________________________________ > Podman mailing list -- podman(a)lists.podman.io > To unsubscribe send an email to podman-leave(a)lists.podman.io That is SELinux are you mounting with a :Z?