Can't write into shared folder "Permission denied" #5821
Description
/kind bug
Description
I'm trying to share a directory with my container and write or read to it but I can't, this is what I did:
➜ podman run -v $(mktemp -d):/test -it alpine
/ # touch /t
test/ tmp/
/ # touch /t
test/ tmp/
/ # touch /test/ro
touch: /test/ro: Permission denied
/ # ll /
/bin/sh: ll: not found
/ # ls -al /
total 60
drwxr-xr-x 20 root root 4096 Apr 15 15:50 .
drwxr-xr-x 2 root root 4096 Mar 23 20:12 bin
drwxr-xr-x 5 root root 360 Apr 15 15:49 dev
drwxr-xr-x 15 root root 4096 Apr 15 15:49 etc
drwxr-xr-x 2 root root 4096 Mar 23 20:12 home
drwxr-xr-x 5 root root 4096 Mar 23 20:12 lib
drwxr-xr-x 5 root root 4096 Mar 23 20:12 media
drwxr-xr-x 2 root root 4096 Mar 23 20:12 mnt
drwxr-xr-x 2 root root 4096 Mar 23 20:12 opt
dr-xr-xr-x 390 nobody nobody 0 Apr 15 15:49 proc
drwx------ 2 root root 4096 Apr 15 15:50 root
drwxr-xr-x 3 root root 4096 Apr 15 15:49 run
drwxr-xr-x 2 root root 4096 Mar 23 20:12 sbin
drwxr-xr-x 2 root root 4096 Mar 23 20:12 srv
dr-xr-xr-x 13 nobody nobody 0 Apr 2 08:07 sys
drwx------ 2 root root 40 Apr 15 15:49 test
drwxrwxrwt 2 root root 4096 Mar 23 20:12 tmp
drwxr-xr-x 7 root root 4096 Mar 23 20:12 usr
drwxr-xr-x 12 root root 4096 Mar 23 20:12 var
/ # whoami
root
/ # id -u
0
/ # ls /test/
ls: can't open '/test/': Permission denied
/ #
Steps to reproduce the issue:
-
Run
podman run -v $(mktemp -d):/test -it alpine -
From inside the container try to create a file inside the /test directory
touch /test/ro
Describe the results you received:
touch: /test/ro: Permission denied
Describe the results you expected:
To be able to create the file
Additional information you deem important (e.g. issue happens only occasionally):
Output of podman version:
Version: 1.8.2
RemoteAPI Version: 1
Go Version: go1.13.6
OS/Arch: linux/amd64
Output of podman info --debug:
debug:
compiler: gc
git commit: ""
go version: go1.13.6
podman version: 1.8.2
host:
BuildahVersion: 1.14.3
CgroupVersion: v1
Conmon:
package: conmon-2.0.15-1.fc31.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.15, commit: 4152e6044da92e0c5f246e5adf14c85f41443759'
Distribution:
distribution: fedora
version: "31"
IDMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
MemFree: 3753807872
MemTotal: 25088311296
OCIRuntime:
name: runc
package: containerd.io-1.2.13-3.1.fc31.x86_64
path: /usr/bin/runc
version: |-
runc version 1.0.0-rc10
commit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
spec: 1.0.1-dev
SwapFree: 12599422976
SwapTotal: 12616462336
arch: amd64
cpus: 8
eventlogger: journald
hostname: thinkpad.b1zzu.club
kernel: 5.5.11-200.fc31.x86_64
os: linux
rootless: true
slirp4netns:
Executable: /usr/bin/slirp4netns
Package: slirp4netns-1.0.0-1.fc31.x86_64
Version: |-
slirp4netns version 1.0.0
commit: a3be729152a33e692cd28b52f664defbf2e7810a
libslirp: 4.1.0
uptime: 319h 48m 45.05s (Approximately 13.29 days)
registries:
search:
- docker.io
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- quay.io
store:
ConfigFile: /home/b1zzu/.config/containers/storage.conf
ContainerStore:
number: 38
GraphDriverName: overlay
GraphOptions:
overlay.mount_program:
Executable: /usr/bin/fuse-overlayfs
Package: fuse-overlayfs-0.7.8-1.fc31.x86_64
Version: |-
fusermount3 version: 3.6.2
fuse-overlayfs: version 0.7.8
FUSE library version 3.6.2
using FUSE kernel interface version 7.29
GraphRoot: /home/b1zzu/.local/share/containers/storage
GraphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "false"
ImageStore:
number: 64
RunRoot: /run/user/1000/containers
VolumePath: /home/b1zzu/.local/share/containers/storage/volumes
Package info (e.g. output of rpm -q podman or apt list podman):
podman-1.8.2-2.fc31.x86_64
Additional environment details (AWS, VirtualBox, physical, etc.):
Linux hostname 5.5.11-200.fc31.x86_64 #1 SMP Mon Mar 23 17:32:43 UTC 2020 x86_64 x86_64 x86_64 GN
U/Linux