Rudolf Vesely via Podman <podman(a)lists.podman.io> writes:
Hi Everybody,
I tried to mount a filesystem inside an unprivileged container using fuse3 and it's
working. The only thing I had to do was to mount /dev/fuse using "--device" and
add the "SYS_ADMIN" capability.
Example:
    podman run \
        -d \
        --device=/dev/fuse \
        --cap-add SYS_ADMIN \
        localhost/myimage
After that I can mount fuse inside.
Now I'd like to access the mounted filesystem from another container in a pod or from
the container host. In order to do that I used "bind-propagation=rshared" like
this:
    podman run \
        --mount=type=bind,source=/from,destination=/to,bind-propagation=rshared \
        -d \
        --device=/dev/fuse \
        --cap-add SYS_ADMIN \
        localhost/myimage
When I mount fuse inside the container into "/to" or "/to/subfolder" I
can again see / access the filesystem from inside of the container but
I don't see it from the host / from other containers in a pod that
mount "/from".
Could you please tell me, am I missing something?
Mount points created from a rootless environment won't be propagated to
the host, even if you specify rshared.
They will be propagated in the rootless mount namespace, that you can
access with "podman unshare".
You first need to set up a mount point in the "podman unshare"
environment, e.g.:
$ podman unshare mount --make-shared --bind /from /from
$ podman run -v /from:/to:rshared ....
Is the mount accessible from other containers now?
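
Added example, not part of either message: a shell helper that reads mountinfo (format as documented in proc(5)) and reports the propagation type of the mount containing a path, which is a way to confirm that /from is "shared" in the namespace where the container will be started. The function names and the sample mountinfo lines are constructed for illustration.

```shell
#!/bin/sh
# propagation_of PATH [MOUNTINFO]
# Prints shared, slave, shared+slave, unbindable or private for the mount
# that contains PATH. MOUNTINFO defaults to /proc/self/mountinfo; "-" reads
# stdin. Mount points containing spaces (escaped as \040) are not handled.
propagation_of() {
    target=$1
    info=${2:-/proc/self/mountinfo}
    awk -v target="$target" '
    {
        mp = $5                       # field 5 is the mount point
        if (mp == "/" || target == mp || index(target, mp "/") == 1) {
            # Longest matching mount point wins; ">=" lets a later mount
            # stacked on the same directory override the earlier one.
            if (length(mp) >= bestlen) {
                bestlen = length(mp)
                prop = "private"
                # Optional fields sit between field 6 and the "-" separator.
                for (i = 7; i <= NF && $i != "-"; i++) {
                    if ($i ~ /^shared:/)
                        prop = (prop == "slave") ? "shared+slave" : "shared"
                    else if ($i ~ /^master:/)
                        prop = (prop == "shared") ? "shared+slave" : "slave"
                    else if ($i == "unbindable")
                        prop = "unbindable"
                }
                best = prop
            }
        }
    }
    END { print (bestlen ? best : "unknown") }
    ' "$info"
}

# Constructed sample input (not captured from a real system).
constructed_sample() {
    cat <<'EOF'
21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
30 21 8:1 /srv /srv rw,relatime master:7 - ext4 /dev/sda1 rw
95 21 8:1 /from /from rw,relatime shared:420 - ext4 /dev/sda1 rw
EOF
}

# Demo on the constructed sample; prints "shared".
constructed_sample | propagation_of /from/data -
```

Calling `propagation_of /from` with no second argument inside the "podman unshare" environment checks the live mount table of that namespace.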