Skip to content
This repository has been archived by the owner on May 8, 2024. It is now read-only.

No longer able to use this plugin without sudo #5

Open
mautz-et-tong opened this issue Feb 9, 2022 · 2 comments
Open

No longer able to use this plugin without sudo #5

mautz-et-tong opened this issue Feb 9, 2022 · 2 comments
Assignees
@clecherbauer

Comments

@mautz-et-tong
Copy link

mautz-et-tong commented Feb 9, 2022
edited
Loading

Hello,

I used this plugin quite a long time but unfortunately I don't get it to run on an updated machine. I use Ubuntu on a normal desktop PC. Nothing special here.

I followed these steps to install docker:

It doesn't matter if I try to install this plugin before or after the post-installation process

Distro/Version:
Ubuntu 21.10

Installation gives:

$ docker plugin install lebokus/bindfs

Plugin "lebokus/bindfs" is requesting the following privileges:
 - mount: [/var/lib/docker/plugins/]
 - mount: [/]
 - device: [/dev/fuse]
 - capabilities: [CAP_SYS_ADMIN]
Do you grant the above permissions? [y/N] y
latest: Pulling from lebokus/bindfs
Digest: sha256:70e32e400cf4fe1c58cee67e651067d949d724fd2c7d0e9e77a44e5650c0d289
dcac74e2a670: Complete 
Error response from daemon: dial unix /run/docker/plugins/92f03adaea02541d5b87f37afa298de9d59317f73db35935a8fc0ab6b7276c6e/bindfs.sock: connect: no such file or directory

In /run/docker/plugins there is another hash belonging to root when I install the plugin with sudo.

sudo docker-compose up -d is giving:

Cannot create container for service php: VolumeDriver.Mount: exit status 1%!(EXTRA []interface {}=[])

docker-compose.yml:

version: "3.7"
services:
  nginx:
    [...]
    volumes:
      - docker-share:/var/www/html/
      [...]
    working_dir: /var/www/html/

docker-compose.override.yml:

version: "3.7"
volumes:
  docker-share:
    driver: lebokus/bindfs
    driver_opts:
      sourcePath: "${pwd}/www/html"
      map: "${UID:-1000}/33:@${UID:-1000}/@33"

What did I miss?
@clecherbauer clecherbauer self-assigned this Feb 25, 2022
@clecherbauer
Copy link
Owner

Hi, I have to take a look at that. I can't promise anything but I planned to update the repository anyway

@mautz-et-tong
Copy link
Author

Some updates here. I fooled around with ownership and permissions and I can get the plugin rootless to live after I removed completely docker (purged everything) and reinstalled it with the rootless setup tool and moved ownership of /var/lib/docker and /var/lib/containerd to my user. This is a test system for docker setups only, so I made this mess...

Findings:

  • plugin can be installed as rootless user when /var/lib/docker belongs to the given user and docker is installed with rootless tool
  • stack can be started with a configured lebokus driver volume
  • Ownership mapping stops for a given user (here UID:1000) with mapping "${UID:-1000}/33:@${UID:-1000}/@33". User on host is whoami, inside it is root. Change owner on the inside to www-data (UID 33) changes owner on host to UID 100999.

Sadly, this still makes this plugin unusable.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@clecherbauer clecherbauer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@clecherbauer @mautz-et-tong