Labelled volume mounts with Docker compatibility #13766
-
|
I'm trying to use a tool which (rightly or wrongly) invokes the actual binary as a container using the Docker CLI. This almost works (with the exception of #13756) but even with the fix for that in, I still have an issue: in order to let the container access the project working directory, it needs to specify either Is there any way to have the Docker invocation "just work"? Is that even a sensible thing to want to happen? I'm not entirely clear on when I'd ever need to not specify one of these options when trying to be compatible with something that's expecting Docker? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
To begin: I strongly suspect that this would also not work on an SELinux-enabled Docker - so my first suggestion would be to request that the upstream tool set |
Beta Was this translation helpful? Give feedback.
To begin: I strongly suspect that this would also not work on an SELinux-enabled Docker - so my first suggestion would be to request that the upstream tool set
--security-opt label=disable(which should be safe on non-SELinux systems) to allow access to the host. Alternatively, you could globally disable SELinux labelling for Podman viacontainers.confbut I would not recommend that.