Hi, I have been playing with vagrant-sshfs to build persistent storage for docker registry inside ADB box but I have encountered SELinux issue.
Steps to reproduce: $ Add sshfs folder into Vagrantfile config.vm.synced_folder "/home/tnozicka/tmp/registry-data", "/var/lib/registry", type: "sshfs" $ vagrant up $ vagrant ssh $ docker run -it --rm -v /var/lib/registry:/var/lib/registry centos:7 bash -c 'mkdir /var/lib/registry/new-dir' (fails [and should] since /var/lib/registry does not have the right SELinux context) $ docker run -it --rm -v /var/lib/registry:/var/lib/registry:Z centos:7 bash -c 'mkdir /var/lib/registry/new-dir' (FAILS with: Error response from daemon: operation not supported) The later one (:Z) works for ordinary folders, but it is failing with the one mounted by sshfs :( I tried to fix SELinux with: $ sudo chcon -Rt svirt_sandbox_file_t /var/lib/registry chcon: failed to change context of ‘docker’ to ‘system_u:object_r:svirt_sandbox_file_t:s0’: Operation not supported chcon: failed to change context of ‘/var/lib/registry’ to ‘system_u:object_r:svirt_sandbox_file_t:s0’: Operation not supported but without success. Does anybody have any ideas how to get sshfs and Docker/SELinux working together? Everything works after running: $ sudo setenforce 0 inside ADB so it is almost definitely SELinux related issue. Thanks, Tomas Nozicka [1] - http://www.projectatomic.io/blog/2015/06/using-volumes-with-docke r-can-cause-problems-with-selinux/ _______________________________________________ Container-tools mailing list [email protected] https://www.redhat.com/mailman/listinfo/container-tools
