将卷挂载到 sudo 无权访问的 docker

Question

I am trying to mount a volume into docker on a compute cluster running ubuntu 18.04. This volume is on a mounted filesystem to which my user has access, but sudo does not. I do have sudo permissions on this cluster. I use this command:

docker run -it --mount type=bind,source="$(pwd)"/logs,target=/workspace/logs tmp:latest bash

The result is this error:

docker: Error response from daemon: invalid mount config for type "bind": stat /home/logs: permission denied.
See 'docker run --help'.

Mounting the volume works fine on my local machine where both sudo and I have access to the drive I want to mount, which makes me believe that the problem is indeed that on the server sudo does not have permissions to the drive I want to mount into docker.

What I have tried:

• running the post-install steps $ sudo groupadd docker && sudo usermod -aG docker $USER

• running docker with sudo

• running docker with --privileged

• running docker with --user $(id -u):$(id -g)

• setting the user inside the dockerfile with USER $(id -u):$(id -g) (plugging in the actual values)

Is there a way to mount the volume in this setup or to change the dockerfile to correctly access the drive with my personal user? Any help would be much appreciated.

On a sidenote, within docker I would only require readaccess to the volume in case that changes anything.

Answer 1

The container is created by the Docker daemon, which runs as root. That's why it still doesn't work even if you run the container or the docker command as your own user.

You might be able to run the daemon as your own user (rootless mode).

You could also look at changing the mount options (on the host system) so that the root user on the host does have access. How to do this depends on the type of filesystem.