People,
If I install Fedora as a Podman container on CoreOS so I can use things like rsync and ranger - how do I give these apps access to the data on the /dev/sdb partition? I have CoreOS on /dev/sda and many HD backups on /dev/sdb (mounted at /var/mntb) but I have problems getting access to this data when I create a Podman container and try and give it access to /var/mntb using the "-v" switch when creating the container. What is the appropriate way of getting access to /dev/sdb without having to build a custom CoreOS?
Thanks,
Phil.
You're likely hitting SELinux issues. By default, unprivileged containers can only access bits of the filesystem which are correctly labeled. You can relabel them using :z (generic) or :Z (specific to the container) on the mount option, though it sounds like you want a "pet-style" container for administering your OS in general. In that case, I'd recommend toolbox which is already part of FCOS:
https://github.com/containers/toolbox/
It creates a privileged container and should already be bind-mounting /mnt in, so you should have access to your data there. (You can of course do the same thing yourself with --privileged.)
On Thu, Aug 5, 2021 at 6:53 AM Philip Rhoades phil@pricom.com.au wrote:
People,
If I install Fedora as a Podman container on CoreOS so I can use things like rsync and ranger - how do I give these apps access to the data on the /dev/sdb partition? I have CoreOS on /dev/sda and many HD backups on /dev/sdb (mounted at /var/mntb) but I have problems getting access to this data when I create a Podman container and try and give it access to /var/mntb using the "-v" switch when creating the container. What is the appropriate way of getting access to /dev/sdb without having to build a custom CoreOS?
Thanks,
Phil.
Philip Rhoades
PO Box 896 Cowra NSW 2794 Australia E-mail: phil@pricom.com.au _______________________________________________ CoreOS mailing list -- coreos@lists.fedoraproject.org To unsubscribe send an email to coreos-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/coreos@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Jonathan,
On 2021-08-06 02:29, Jonathan Lebon wrote:
You're likely hitting SELinux issues.
Ah right . .
By default, unprivileged containers can only access bits of the filesystem which are correctly labeled. You can relabel them using :z (generic) or :Z (specific to the container) on the mount option,
It has been a while since I was looking at this (life gets in the way again . . ) but I thought I did try those switches . .
though it sounds like you want a "pet-style" container for administering your OS in general. In that case, I'd recommend toolbox which is already part of FCOS:
Ah - I looked at toolbox ages ago and then promptly forgot all about it because I didn't have an immediate use case . .
It creates a privileged container and should already be bind-mounting /mnt in, so you should have access to your data there. (You can of course do the same thing yourself with --privileged.)
OK - I will check all that out - thanks for the much appreciated info!
Phil.
On Thu, Aug 5, 2021 at 6:53 AM Philip Rhoades phil@pricom.com.au wrote:
People,
If I install Fedora as a Podman container on CoreOS so I can use things like rsync and ranger - how do I give these apps access to the data on the /dev/sdb partition? I have CoreOS on /dev/sda and many HD backups on /dev/sdb (mounted at /var/mntb) but I have problems getting access to this data when I create a Podman container and try and give it access to /var/mntb using the "-v" switch when creating the container. What is the appropriate way of getting access to /dev/sdb without having to build a custom CoreOS?
Thanks,
Phil.
Philip Rhoades
PO Box 896 Cowra NSW 2794 Australia E-mail: phil@pricom.com.au _______________________________________________ CoreOS mailing list -- coreos@lists.fedoraproject.org To unsubscribe send an email to coreos-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/coreos@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
CoreOS mailing list -- coreos@lists.fedoraproject.org To unsubscribe send an email to coreos-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/coreos@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
coreos@lists.fedoraproject.org
-
Jonathan Lebon -
Philip Rhoades