Hi Eric,
that happens because you are running in a user namespace. The root
inside of the container is mapped by the kernel to your user id on the
host.

We recently added to podman a new option "--userns keep-id" that
probably does what you are looking for. The same ID inside of the user
namespace is mapped to your UID/GID on the host. Please also drop the
--user from the command if you are using this option.

If you are fine with having ID 0, even though it is not the real root
(an unprivileged user cannot get more privileges than it had
originally), I'd suggest running your same command without
`--user 1001`.

Regards,
Giuseppe

Eric Gustavsson <egustavs(a)redhat.com> writes:
> Hi all,
>
> I got a bit of an issue trying to spin up a container with a volume mounted to the container's /data directory. Got a related issue here but I believe I'm just missing out on something Podman specific
>
> https://github.com/dani-garcia/bitwarden_rs/issues/506
>
> When I run this command and mount /bw-data to container's /data the bitwardenrs image can't write to it.
> podman run -d --user 1001 --name bitwarden -e [ROCKET_PORT=8080,ENABLE_DB_WAL=false] -v /home/spytec/Bitwarden/bw-data/:/data/ -p 8080:8080 bitwardenrs/server:latest
>
> Inside the container the /data directory is assigned to root, outside the container /bw-data has 0777 permissions and belongs to myself (user 1001).
>
> Am I missing something?
>
> Thanks,
>
> Eric Gustavsson
>
> Associate Software Engineer
>
> Red Hat
>
> _______________________________________________
> Podman mailing list -- podman(a)lists.podman.io
>
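
The ID mapping discussed in this thread, as an added example that is not part of the original messages: a small shell function that translates a container UID to the host UID using a map in the `/proc/<pid>/uid_map` layout. Both maps are constructed samples and assume host user 1001 with a subordinate range of 100000:65536 in /etc/subuid, which the thread does not state.

```shell
#!/bin/sh
# Translate an ID inside a user namespace to the ID the host kernel sees.
# Map lines use the /proc/<pid>/uid_map layout:
#   <first ID inside namespace> <first ID on host> <range length>
# Your real map can be printed with: podman unshare cat /proc/self/uid_map

# map_id CONTAINER_ID MAP_TEXT -> prints host ID, or "unmapped"
map_id() {
    printf '%s\n' "$2" | awk -v id="$1" '
        NF == 3 && id + 0 >= $1 && id + 0 < $1 + $3 {
            print $2 + (id - $1)   # offset into the matching range
            found = 1
            exit
        }
        END { if (!found) print "unmapped" }'
}

# Constructed sample: default rootless mapping for host UID 1001
# (assumed subuid entry 100000:65536). Container root is the host user;
# every other container ID lands in the subordinate range.
DEFAULT_MAP='0 1001 1
1 100000 65536'

# Constructed sample: effective mapping with "--userns keep-id" for the
# same user. Container ID 1001 is the host user; container root is a
# subordinate ID.
KEEP_ID_MAP='0 100000 1001
1001 1001 1
1002 101001 64535'

# Who owns files written by each container ID, as seen on the host?
for uid in 0 1001; do
    echo "default  : container uid $uid -> host uid $(map_id "$uid" "$DEFAULT_MAP")"
    echo "keep-id  : container uid $uid -> host uid $(map_id "$uid" "$KEEP_ID_MAP")"
done
```

With the default map, `--user 1001` runs the process as a subordinate host ID rather than as the invoking user, while container ID 0 is the invoking user; with keep-id the two are swapped.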