Without looking more deeply it looks like this is an issue with not accounting for uid/gid
shift in a rootless container.
You could remap the uid/gid inside the container to your uid/gid on the host if you want.
Hard to tell if it is worth the trouble based on your post though.
On Apr 25, 2022, at 21:10, R C <cjvijf(a)gmail.com> wrote:
> On 4/25/22 12:47, Daniel Walsh wrote:
>> On 4/24/22 18:36, R C wrote:
>> Hello,
>>
>>
>> I built a container that mounts the /home directory (it has one unprivileged user).
>>
>> (I used buildah and podman on that unprivileged account, using rhel8)
>>
>> However when I connect to the container, I see that the unprivileged user's home directory is owned by root.
>>
>>
>> any idea why that would be, I am probably missing something
>>
>> thanks,
>>
>>
>> Ron
>>
>> _______________________________________________
>> Podman mailing list -- podman(a)lists.podman.io
>> To unsubscribe send an email to podman-leave(a)lists.podman.io
>
> Please show the actual podman command you are executing to see this issue, also give the output of podman info
I probably have to change something with namespaces or so:
$ podman run -it --rm --name=home-fs -v $HOME:$HOME -v /mnt:/mnt -u myuid localhost/home-fs
bash: /home/myuid/.bashrc: Permission denied
bash-4.4$
[rocr@containers ~]$ podman run -it --rm --name=home-fs -v $HOME:$HOME -v /mnt:/mnt localhost/home-fs
[root@b82256bb2424 myuid]#
this is after executing it with -u myuid:
$ podman info
host:
  arch: amd64
  buildahVersion: 1.23.1
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.32-1.module+el8.5.0+13852+150547f7.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.32, commit: 4b12bce835c3f8acc006a43620dd955a6a73bae0'
  cpus: 24
  distribution:
    distribution: '"rhel"'
    version: "8.5"
  eventLogger: file
  hostname: containers
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 4.18.0-348.20.1.el8_5.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 74891894784
  memTotal: 75708719104
  ociRuntime:
    name: runc
    package: runc-1.0.3-1.module+el8.5.0+13556+7f055e70.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.3
      spec: 1.0.2-dev
      go: go1.16.7
      libseccomp: 2.5.1
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64
    version: |-
      slirp4netns version 1.1.8
      commit: d361001f495417b880f20329121e3aa431a8f90f
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.1
  swapFree: 4294963200
  swapTotal: 4294963200
  uptime: 5m 27.58s
plugins:
  log:
  - k8s-file
  - none
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /home/myuid/.config/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/myuid/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 3
  runRoot: /run/user/1000/containers
  volumePath: /home/myuid/.local/share/containers/storage/volumes
version:
  APIVersion: 3.4.2
  Built: 1642068949
  BuiltTime: Thu Jan 13 03:15:49 2022
  GitCommit: ""
  GoVersion: go1.16.7
  OsArch: linux/amd64
  Version: 3.4.2
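
The uid/gid shift mentioned in the reply at the top, worked through with the uidmap from the podman info output, as an added example that is not part of the original thread. It assumes the image's unprivileged user has uid 1000 inside the container; KEEPID_MAP is a constructed map for comparison, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: translate IDs through a user-namespace ID map.
# Rows use the /proc/<pid>/uid_map column order: container_id host_id size.

# Copied from the uidmap in the podman info output above.
ROOTLESS_MAP='0 1000 1
1 100000 65536'

# Constructed for comparison (not from the thread): a map in which container
# uid 1000 is host uid 1000, the shape Podman's --userns=keep-id sets up.
KEEPID_MAP='0 100000 1000
1000 1000 1
1001 101000 64536'

# host_to_container MAP HOST_ID: the owner a host file shows inside the
# container; unmapped host IDs appear as the overflow ID 65534 (nobody).
host_to_container() {
    printf '%s\n' "$1" | awk -v id="$2" '
        id >= $2 && id < $2 + $3 { print $1 + id - $2; hit = 1; exit }
        END { if (!hit) print 65534 }'
}

# container_to_host MAP CONTAINER_ID: the host ID the kernel uses for
# permission checks when a process runs as CONTAINER_ID in the container.
container_to_host() {
    printf '%s\n' "$1" | awk -v id="$2" '
        id >= $1 && id < $1 + $3 { print $2 + id - $1; hit = 1; exit }
        END { if (!hit) print "unmapped" }'
}

# Assumption: the image's unprivileged user has uid 1000 inside the container.
for name in ROOTLESS_MAP KEEPID_MAP; do
    eval "map=\$$name"
    echo "$name: host uid 1000 files show as uid $(host_to_container "$map" 1000);" \
         "container uid 1000 runs as host uid $(container_to_host "$map" 1000)"
done
```

With the map from the thread, files owned by host uid 1000 show as uid 0 (root) in the container, and a process started with -u as container uid 1000 is checked on the host as uid 100999, which does not own $HOME.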