gvisor icon indicating copy to clipboard operation
gvisor copied to clipboard
verified publisher icon google

Can not write file , even the directory has permission to read/write

Open johnwmail opened this issue 1 year ago • 3 comments

Description

Please take a look the screen, thank you.

Image

Image

Steps to reproduce

No response

runsc version

docker version (if using docker)

uname

No response

kubectl (if using Kubernetes)

repo state (if built from source)

No response

runsc debug logs (if available)

johnwmail avatar Jan 22 '25 06:01 johnwmail

Do you observe the same behavior with similar permissions on a non-NFS mountpoint? I'm wondering if this is NFS-specific.

EtiennePerot avatar Jan 23 '25 01:01 EtiennePerot

Do you observe the same behavior with similar permissions on a non-NFS mountpoint? I'm wondering if this is NFS-specific.

Yes, maybe NFS-specific.

  1. /localdisk/fid work
  2. /nfs/fid NOT WORK
  3. /tmpfs/fid work

PS: runc runtime work for all above mount point

johnwmail avatar Jan 23 '25 06:01 johnwmail

For NFS mounts, we set disable_file_handle_sharing mount option: https://github.com/google/gvisor/blob/c238e15234feef339823ad328f7c1208d0b276d7/runsc/cmd/gofer.go#L744-L750

So it may have something to do with that option, in which gofer filesystem uses gofer.specialFileFD for regular files.

ayushr2 avatar Jan 23 '25 18:01 ayushr2