enroot load fails with mount: permission denied #255
Description
Using enroot 4.0.1 (non-hardened version), the load command seems to fail on a permission error when mounting the overlay.
$ enroot load docker://alpine
[INFO] Querying registry for permission grant
[INFO] Authenticating with user: kilian
[INFO] Using credentials from file: /home/users/kilian/.config/enroot/.credentials
[INFO] Authentication succeeded
[INFO] Fetching image manifest list
[INFO] Fetching image manifest
[INFO] Found all layers in cache
[INFO] Extracting image layers...
100% 1:0=0s 2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b
[INFO] Converting whiteouts...
100% 1:0=0s 2d35ebdb57d9971fea0cac1582aa78935adf8058b2cc32db163c98822e5dfa1b
[INFO] Loading container root filesystem...
mount: permission denied
Starting that container the regular way works, so all the other aspects of enroot work as expected:
$ enroot import docker://alpine
[...]
$ enroot start alpine+latest.sqsh
/ $
The mount: permission denied error comes from that part:
$ bash -x $(command -v enroot) load docker://alpine
[...]
[INFO] Loading container root filesystem...
+ '[' -v TTY_ON ']'
+ '[' 3 -eq 0 ']'
+ '[' NL = NL ']'
+ echo
+ '[' 215845 -ne 0 ']'
+ unpriv=y
+ mkdir -p rootfs /lscratch/kilian/.enroot/data/alpine+latest
++ seq -s: 1 1
+ enroot-nsenter --user --mount --remap-root bash -c 'mount --make-rprivate / && mount -t overlay overlay -o lowerdir=0:1 rootfs &&
tar --numeric-owner -C rootfs/ --mode=u-s,g-s -cpf - . | tar --numeric-owner -C '\''/lscratch/kilian/.enroot/data/alpine+latest/'\'' -xpf -'
mount: permission denied
specifically this:
mount -t overlay overlay -o lowerdir=0:1 rootfs
Does the enroot load command needs additional privileges?
Thanks!