nestybox
Permission Denied: mount of cifs inside sysbox container not working
I have permission issues with mounting SMB share using mount -t cifs and without sysbox its working well with right capabilities, but with sysbox it throws permission error, probably sysbox while intercepting the mount calls denying the mount of cifs?
With Sysbox:
- without uid gid also same error, Without Sysbox its working well.
I did some research and read other threads and found @ctalledo recommending this
In the meantime, a work-around in order to mount a cifs-backed volume into a Sysbox container would be to configure Docker in userns-remap mode. This way Sysbox won't need to use shiftfs anymore.
If you want to do this, add the "userns-remap" line to the
/etc/docker/daemon.jsonfile
but I cant use this since my infra relies on network_mode: host, and with userns-remap, host network is not possible since it affects even the runc containers.
Is there a workaround for this today?
My requirement comes from having a file system that needs mandatory file locking, and I ended up using SAMBA.
Hi @sibidharan,
The permission denied problem is likely coming from CIFS itself (maybe due to the username, password, or uid/gid options) or possible permissions on the Samba share itself. I was not able to reproduce on my local Linux environment.
I created a simple CIFS share on my Linux host:
sudo apt-get install samba -y
sudo mkdir -p /srv/samba/share
sudo chmod 777 /srv/samba/share
Then configured the /etc/samba/smb.conf with:
[test_share]
path = /srv/samba/share
browseable = yes
read only = no
guest ok = yes
Then restarted Samba:
sudo systemctl restart smbd
Then started a Sysbox container:
docker run --runtime=sysbox-runc -it --rm ubuntu
And inside the Sysbox container I mounted CIFS:
mkdir /mnt/test_share
mount -t cifs -o guest //<LOCALHOST_IP>/test_share /mnt/test_share
This worked fine, and I can see the contents of /mnt/test_share in the container are the proper ones:
# ls -l /mnt/test_share/
total 0
-rwxr-xr-x 1 root root 0 Nov 4 21:36 hello.txt
