
I'm trying to mount NFS inside a Podman rootless container. I tried several methods with/without CAPS and security profile parameters. Unfortunately, the mount works only if Podman is run as root. I've spent 2 weeks on this issue, but honestly I'm out of ideas how to deal with this issue.

  1. As root with cap-add container (Working)
[root@rack-host1~]# podman  run --cap-add=CAP_SYS_ADMIN -it myredhatimage:8 bash
[root@d8e09797b797 /]# mount -vv -t nfs4 -o rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,local_lock=none,addr=10.0.0.12 nfs-server06:/MoviesShare /data
mount: nfs-server06:/MoviesShare mounted on /data.
[root@d8e09797b797 /]# ls /data
configs containers movies logs pictures

  2. As non root without caps [Failed]
[podman-user@rack-host1~]$ podman  run -it myredhatimage:8 bash
[root@fbd0cfca851d /]# mkdir -p /data
[root@fbd0cfca851d /]# mount -vv -t nfs4 -o rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,local_lock=none,addr=10.0.0.12 nfs-server06:/MoviesShare /data
mount: /data: permission denied.

  3. As non root with caps [Failed]
[podman-user@rack-host1~]$ podman  run --cap-add=CAP_SYS_ADMIN -it myredhatimage:8 bash
[root@56e79e6f30cf /]# mkdir -p /data
[root@56e79e6f30cf /]# mount -vv -t nfs4 -o rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,local_lock=none,addr=10.0.0.12 nfs-server06:/MoviesShare /data
mount: /data: permission denied.

  4. As non root with caps and privileged [Failed]
[podman-user@rack-host1~]$ podman  run --privileged --cap-add=CAP_SYS_ADMIN -it myredhatimage:8 bash
[root@bc40b4065cf1 /]# mkdir -p /data
[root@bc40b4065cf1 /]# mount -vv -t nfs4 -o rw,relatime,vers=4.0,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,local_lock=none,addr=10.0.0.12 nfs-server06:/MoviesShare /data
mount: /data: permission denied.

I use the newest Podman 5.0.0-dev-d08414686 and RHEL 8.9 with kernel 4.18.0-513.9.1.el8_9.x86_64.

Client:       Podman Engine
Version:      5.0.0-dev-d08414686
API Version:  5.0.0-dev-d08414686
Go Version:   go1.20.10
Built:        Mon Jan 22 16:32:20 2024
OS/Arch:      linux/amd64

Podman is configured to use the runc engine. NFS is version 4. Please let me know.
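The four results above match how Linux scopes capabilities: a rootless container runs in its own user namespace, CAP_SYS_ADMIN granted there holds only inside that namespace, and the kernel accepts an NFS mount only from a process holding CAP_SYS_ADMIN in the initial user namespace. The script below is an added diagnostic, not part of the original post; its function names and the sample uid_map and CapEff values in its comments are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): decide from a process's
# uid_map and CapEff whether the kernel would accept an NFS mount from it.

# True when the uid_map text is the identity map "0 0 4294967295".
# Heuristic: a root-created nested namespace can carry the same map.
in_initial_userns() {
    set -- $1                       # split the map into fields
    [ "$#" -eq 3 ] && [ "$1" = 0 ] && [ "$2" = 0 ] && [ "$3" = 4294967295 ]
}

# True when bit 21 (CAP_SYS_ADMIN) is set in the hex CapEff mask.
has_cap_sys_admin() {
    [ $(( (0x$1 >> 21) & 1 )) -eq 1 ]
}

# nfs_mount_verdict UID_MAP_TEXT CAPEFF_HEX -> one-line verdict on stdout
nfs_mount_verdict() {
    if ! has_cap_sys_admin "$2"; then
        echo "denied: no CAP_SYS_ADMIN"
    elif in_initial_userns "$1"; then
        echo "allowed: CAP_SYS_ADMIN in initial user namespace"
    else
        echo "denied: CAP_SYS_ADMIN is scoped to a child user namespace"
    fi
}

# Live check of the current shell; run this inside the container.
check_self() {
    map=$(cat "/proc/$$/uid_map")
    capeff=$(awk '/^CapEff:/ {print $2}' "/proc/$$/status")
    echo "uid_map: $map"
    echo "CapEff:  $capeff"
    nfs_mount_verdict "$map" "$capeff"
}

# Constructed values for the cases in the post:
#   root + --cap-add:        "0 0 4294967295"              00000000802405fb
#   rootless, no caps:       "0 1000 1 / 1 100000 65536"   00000000800405fb
#   rootless + --privileged: "0 1000 1 / 1 100000 65536"   000001ffffffffff
if [ -r "/proc/$$/uid_map" ] && [ -r "/proc/$$/status" ]; then
    check_self
fi
```

Where the verdict is a scoped capability, the usual alternative is to mount the share on the host and pass it into the container as a volume.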
