On 2/22/22 13:35, Rudolf Vesely via Podman wrote:
> Hi Everybody,
>
> I tried to mount a filesystem inside an unprivileged container using fuse3 and it's
> working. The only thing I had to do was to mount /dev/fuse using "--device" and
> add the "SYS_ADMIN" capability.
>
> Example:
>
> podman run \
>   -d \
>   --device=/dev/fuse \
>   --cap-add SYS_ADMIN \
>   localhost/myimage
>
> After that I can mount fuse inside.
>
> Now I'd like to access the mounted filesystem from another container in a pod or
> from the container host. In order to do that I used "bind-propagation=rshared"
> like this:
>
> podman run \
>   --mount=type=bind,source=/from,destination=/to,bind-propagation=rshared \
>   -d \
>   --device=/dev/fuse \
>   --cap-add SYS_ADMIN \
>   localhost/myimage
>
> When I mount fuse inside the container into "/to" or
> "/to/subfolder" I can again see / access the filesystem from inside of the
> container but I don't see it from the host / from other containers in a pod that
> mount "/from".
>
> Could you please tell me, am I missing something?
>
> I was thinking that maybe AppArmor but looking into logs - nothing.
>
> Running Podman 3.4.4 on Debian Bookworm (kernel 5.16).
>
> Thank you.
>
> Kind regards,
>
> Rudolf Vesely
>
> Podman mailing list -- podman(a)lists.podman.io
>
> To unsubscribe send an email to podman-leave(a)lists.podman.io
On Tuesday, February 22nd, 2022 at 18:58, Daniel Walsh <dwalsh(a)redhat.com> wrote:
Do you see the mountpoint on the host system?
Hi Dan,
If I run:
mount > 1
podman run ...
mount > 2
diff 1 2
Then the files are the same - no new mounts. I do see a "type fuse" mount inside of
the container.
Thank you.
Kind regards,
Rudolf Vesely
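
The propagation type a mount really has can be read from the optional fields of /proc/self/mountinfo: a mount tagged only master:N receives mount events from its peer group but does not send its own back, and a mount with no tag is private. The following is an added example, not part of the thread: it parses mountinfo text and reports the propagation of the mount that contains a given path. The sample lines and the fuse.myfs type are constructed for illustration.

```python
import os

# Constructed sample in /proc/<pid>/mountinfo format (not output from the thread).
SAMPLE = """\
22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
95 22 8:1 /from /to rw,relatime master:1 - ext4 /dev/sda1 rw
96 95 0:50 / /to/subfolder rw,nosuid,nodev - fuse.myfs myfs rw,user_id=0,group_id=0
"""

def unescape(field):
    # mountinfo escapes space, tab, newline and backslash as octal (\040 etc.)
    for code in ("040", "011", "012", "134"):
        field = field.replace("\\" + code, chr(int(code, 8)))
    return field

def parse_mountinfo(text):
    mounts = []
    for line in text.splitlines():
        if " - " not in line:
            continue
        left, right = line.split(" - ", 1)
        f = left.split()
        tags = f[6:]  # optional fields: shared:N, master:N, propagate_from:N, unbindable
        mounts.append({
            "target": unescape(f[4]),
            "fstype": right.split()[0],
            "shared": any(t.startswith("shared:") for t in tags),
            "master": any(t.startswith("master:") for t in tags),
            "unbindable": "unbindable" in tags,
        })
    return mounts

def propagation(m):
    if m["unbindable"]:
        return "unbindable"
    kinds = [name for name, key in (("shared", "shared"), ("slave", "master")) if m[key]]
    return ",".join(kinds) or "private"

def mount_for(path, mounts):
    # The mount containing `path`: longest matching target, later entries win ties.
    path = os.path.normpath(path)
    best = None
    for m in mounts:
        t = m["target"]
        inside = path == t or path.startswith(t.rstrip("/") + "/")
        if inside and (best is None or len(t) >= len(best["target"])):
            best = m
    return best
```

On a live system, pass `open("/proc/self/mountinfo").read()` to `parse_mountinfo`, once on the host for the source directory and once inside the container for the destination, and compare the results.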