crc icon indicating copy to clipboard operation
crc copied to clipboard

Published 20 hours ago verified publisher icon crc-org

Implement file sharing

Open cfergeau opened this issue 2 years ago • 3 comments

We need a way to share files/directories with the crc VM. The first use case would be for the podman preset, to implement podman-remote -v localdir:remotedir. There are several options:

  • virtiofs
  • sshfs

cfergeau avatar May 17 '22 11:05 cfergeau

The way podman does it is by mounting (on a mac) /Users/teuf to /Users/teuf inside its VM using 9p. Then podman-remote -v /Users/teuf/localdir:remotedir can be used successfully.

I've added virtiofs support to vfkit in https://github.com/cfergeau/vfkit/tree/virtiofs , though this depends on an unmerged PR in Code-Hex/vz

This is then used by https://github.com/cfergeau/crc/commits/macos-vf (various paths/tags are hardcoded at the moment).

With these changes, I can start a VM using the podman bundle, and /Users/teuf is mounted to the same path in the VM. /Users/teuf in the VM is owned by core.core even if the host/VM UIDs are different. However, podman -v /Users/teuf/localdir:remotedir fails:

# ls /foo/
ls: cannot open directory '/foo/': Permission denied

This happens both with rootless and rootful podman.

EDIT: After running setenforce 0 in the VM, this works fine!!

macOS ~ % mkdir podman-test
macOS ~ % touch podman-test/hello-world
macOS ~ % ~/.crc/bin/oc/podman run -v /Users/teuf/podman-test:/foo -it --rm docker.io/redhat/ubi8

[root@e43226ed1836 /]# ls /foo/
hello-world
[root@e43226ed1836 /]# touch /foo/hello-from-container
[root@e43226ed1836 /]# exit

macOS ~ % ls ~/podman-test 
hello-from-container	hello-world

EDIT2: adding context="system_u:object_r:container_file_t:s0" to the virtiofs mount options allow to use this even with selinux set to enforcing mode.

cfergeau avatar May 24 '22 11:05 cfergeau

podman-machine has a trick to access /Users/teuf. Through 9p, /Users/teuf is owned by a user with the same uid as I have on my mac. When podman-machine creates its VM, its ignition file creates a core user with the same uid as the one teuf has locally on the mac. This eases some of the permissions/ownership issues that might occur.

cfergeau avatar May 24 '22 11:05 cfergeau

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Sep 20 '22 21:09 stale[bot]

closing this more updates in the epic

anjannath avatar Feb 09 '23 10:02 anjannath