1

What I want to achieve is to prepare Docker image in which every non-root user can make SSHF mount. MWE below:

Dockerfile:

FROM rocker/rstudio:4.0.3

USER root

RUN apt-get update  && apt-get install -y udev sshfs

RUN mkdir -p /mnt/vol

## also tried with following:
#RUN sudo mkdir -p /etc/udev/rules.d/ && sudo echo "KERNEL==fuse, MODE=0777" >> /etc/udev/rules.d/99-fuse.rules

USER rstudio

Build image:

docker build -f Dockerfile -t fuse:test2 .

SSHFS mount works with root user:

$ docker run -u root --device /dev/fuse --cap-add SYS_ADMIN -it fuse:test2 sshfs -o StrictHostKeyChecking=no <mylogin>@<mynodename.com>:/gstore/home/foltynsk/batchtools_registry/test /mnt/vol
<mylogin>@<mynodename.com>'s password:

But fails with non root user rstudio:

$ docker run -u 1000:1000 --device /dev/fuse --cap-add SYS_ADMIN -it fuse:test2 id
uid=1000(rstudio) gid=1000(rstudio) groups=1000(rstudio)

$ docker run -u 1000:1000 --device /dev/fuse --cap-add SYS_ADMIN -it fuse:test2 ls -la /dev/fuse
crw-rw---- 1 root root 10, 229 Mar 23 21:45 /dev/fuse

$ docker run -u 1000:1000 --device /dev/fuse --cap-add SYS_ADMIN -it fuse:test2 sshfs -o StrictHostKeyChecking=no <mylogin>@<mynodename.com>:/home/<mylogin>/somedir /mnt/vol
fuse: failed to open /dev/fuse: Permission denied
Taz
  • 111
  • 2

0 Answers0