How to mount --bind inside a Docker container?

I have this container based on debian:jessie (but this is not very important since I had the same problem with alpine:3.3). I got to the point where I need to run

 mount --bind /htdocs/www /home/user/example.com/www 

and I get

 mount: permission denied 

I cannot find anything in any kernel log, and -vvv does not provide anything interesting. I obviously can do this on the host (with any other pair of subtree/node). In my example above, /htdocs/www is the mount point of the Docker volume, but that does not seem important, as I cannot mount --bind any pair of subtree/node inside the container.

+7
docker bind mount
1 answer

To use the mount system call, you need the CAP_SYS_ADMIN capability. By default, Docker drops all capabilities when creating a container (which means that even with root privileges you are not allowed to do everything). See the mount(2) man page for more information.

You can start your container with the --cap-add=SYS_ADMIN flag to add this capability to your container:

 root@host > docker run --rm -it --cap-add=SYS_ADMIN debian:jessie
 root@ee0b1d5fe546:/# mkdir /mnt/test
 root@ee0b1d5fe546:/# mount --bind /home /mnt/test/
 root@ee0b1d5fe546:/#

Use this with caution. Do not run untrusted software in a privileged container.

+12
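An added example, not part of the original answer: a way to confirm from inside a container whether CAP_SYS_ADMIN is actually in the effective set before blaming anything else for `mount: permission denied`. The function names are hypothetical and the two masks are constructed samples of a `CapEff` value without and with the capability.

```shell
#!/bin/sh
# CAP_SYS_ADMIN is capability number 21 (linux/capability.h).
CAP_SYS_ADMIN=21

# Print the effective capability mask (hex) from /proc/<pid>/status text on stdin.
cap_eff() {
    awk '$1 == "CapEff:" { print $2; exit }'
}

# has_cap HEXMASK BIT: succeed if BIT is set in HEXMASK, return 2 on bad input.
has_cap() {
    case "$1" in
        ''|*[!0-9a-fA-F]*) return 2 ;;   # empty or non-hex mask
    esac
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# mount_allowed [STATUS_FILE]: report whether mount(2) can pass the capability
# check. This covers the capability only; a seccomp filter or an LSM can still
# refuse the call.
mount_allowed() {
    mask=$(cap_eff < "${1:-/proc/$$/status}")
    if has_cap "$mask" "$CAP_SYS_ADMIN"; then
        echo "CapEff=$mask: CAP_SYS_ADMIN present"
    else
        echo "CapEff=$mask: CAP_SYS_ADMIN missing, mount will be refused"
        return 1
    fi
}

# Constructed sample masks (assumed values for illustration):
NO_SYS_ADMIN_MASK=00000000a80425fb    # bit 21 clear
WITH_SYS_ADMIN_MASK=00000000a82425fb  # same mask with bit 21 set

for m in "$NO_SYS_ADMIN_MASK" "$WITH_SYS_ADMIN_MASK"; do
    if has_cap "$m" "$CAP_SYS_ADMIN"; then
        echo "$m -> mount permitted by capabilities"
    else
        echo "$m -> mount denied (no CAP_SYS_ADMIN)"
    fi
done

# Check the current shell; "|| true" keeps the script going when it is missing.
mount_allowed || true
```

Auditing running containers for an unexpected bit 21 in `CapEff` is also a quick way to find workloads that were started with more privilege than they need.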