Thanks for the quick responses!

I tried running without --user, got the same error with permission denied to touch the data/ directory
$ podman run -d --name bitwarden -e ROCKET_PORT=8080 -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest

With the --userns=keep-id I do get the 1000:1000 on the folder and the container runs as it, but also there I get permission denied.
$ podman run -d --userns=keep-id --name bitwarden -e ROCKET_PORT=8080 -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest

If I tried this to see it inside the container:
$ podman run -ti --name bitwarden --rm --userns=keep-id -e [ROCKET_PORT=8080,ENABLE_DB_WAL=false] -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest /bin/bash
1000@7253b86a0681:/$ touch /data/test
touch: cannot touch '/data/test': Permission denied
1000@7253b86a0681:/$ ls -l | grep data        
drwxrwxrwx.   2 1000      1000     4096 Jun 13 16:57 data

Thanks,

Eric Gustavsson

Associate Software Engineer

Red Hat



On Mon, 17 Jun 2019 at 16:12, James Cassell <fedoraproject@cyberpear.com> wrote:
On Mon, Jun 17, 2019, at 9:53 AM, Eric Gustavsson wrote:
> Hi all,
>
> I got a bit on an issue trying to spin up a container with a volume
> mounted to the container's /data directory. Got a related issue here
> but I believe I'm just missing out on something Podman specific
> https://github.com/dani-garcia/bitwarden_rs/issues/506
>
> When I run this command and mount /bw-data to container's /data the
> bitwardenrs image can't write to it.
> podman run -d --user 1001 --name bitwarden -e
> [ROCKET_PORT=8080,ENABLE_DB_WAL=false] -v
> /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080
> bitwardenrs/server:latest
>
> Inside the container the /data directory is assigned to root, outside
> the container /bw-data has 0777 permissions and belong to myself (user
> 1001).
>
> Am I missing something?

With rootless containers, the root uid inside the container is the regular uid outside of the container. Use `--userns=keep-uid` to see your user mapped as the same uid inside and out.

V/r,
James Cassell
_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io