Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rexray/s3fs docker plugin 0.9.1 not requesting enough permissions to work properly. #891

Closed
egnoriega opened this Issue Jun 15, 2017 · 2 comments

Comments

Projects
None yet
4 participants
@egnoriega
Copy link

egnoriega commented Jun 15, 2017

Summary

This relates to the container plugin - When pulling rexray:0.9.1, the plugin does not request enough permissions from the Docker engine.

Bug Reports

docker plugin install rexray/s3fs:0.9.1  ...
Plugin "rexray/s3fs:0.9.1" is requesting the following privileges:
 - network: [host]

contrast:

docker plugin install rexray/s3fs:0.9.0 ...
Plugin "rexray/s3fs:0.9.0" is requesting the following privileges:
 - network: [host]
 - mount: [/dev]
 - allow-all-devices: [true]
 - capabilities: [CAP_SYS_ADMIN]
Do you grant the above permissions? [y/N]

This creates the following error under 0.9.1:

docker run -it -v dockvol-test9999:/myvol centos bash
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
d5e46245fe40: Pull complete 
Digest: sha256:aebf12af704307dfa0079b3babdca8d7e8ff6564696882bcb5d11f1d461f9ee9
Status: Downloaded newer image for centos:latest
docker: Error response from daemon: error while mounting volume '/mnt/sda1/var/lib/docker/plugins/7680a0da40e716af0d270c409777f3a9c13ae82ecab3e3bda97eb21a6de553d7/rootfs': VolumeDriver.Mount: {"Error":"error executing xcli"}.
@cduchesne

This comment has been minimized.

Copy link
Collaborator

cduchesne commented Jun 15, 2017

Thanks for finding this - this was bad on my part, assuming that the s3fs plug-in didn't require as aggressive of permissions. I have submitted #893.

@akutz akutz added bug docker labels Jun 15, 2017

@codenrhoden codenrhoden added this to the 2017.06-2 milestone Jun 16, 2017

@codenrhoden

This comment has been minimized.

Copy link
Member

codenrhoden commented Jun 16, 2017

Closed by #893

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.