in container: bind mount permission denied #115
Comments
|
what is your ubuntu version can you also output |
|
uname -or img version |
|
are you running it with sudo because it looks like it is trying to use |
|
I'm running into k8s with an ubuntu:14.04 image |
|
when using a non root I get this
|
|
why not use the image I push?
…On Wed, Jun 6, 2018 at 2:51 AM Amine BIZID ***@***.***> wrote:
when using a non root I get this
mg build -t test .
nsenter: cannot change root filesystem propagation: Permission denied
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#115 (comment)>,
or mute the thread
<https:/notifications/unsubscribe-auth/ABYNbH46SqjOoV7a30nUX5Zcd0oQbMraks5t55gcgaJpZM4UcNyl>
.
--
Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu <http://pgp.mit.edu/pks/lookup?op=get&search=0x18F3685C0022BFF3>
|
|
yeah it won't work _inside_ a container unprivileged til the patches are
merged upstream... you need CAP_SYS_ADMIN and to turn off seccomp and apparmor in the container for now. or the easiest way is to just run as privileged.
The patches are outlined here: https:/genuinetools/img#goals
…On Wed, Jun 6, 2018 at 2:54 AM Jessie Frazelle ***@***.***> wrote:
why not use the image I push?
On Wed, Jun 6, 2018 at 2:51 AM Amine BIZID ***@***.***>
wrote:
> when using a non root I get this
>
> mg build -t test .
> nsenter: cannot change root filesystem propagation: Permission denied
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#115 (comment)>,
> or mute the thread
> <https:/notifications/unsubscribe-auth/ABYNbH46SqjOoV7a30nUX5Zcd0oQbMraks5t55gcgaJpZM4UcNyl>
> .
>
--
Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu
<http://pgp.mit.edu/pks/lookup?op=get&search=0x18F3685C0022BFF3>
--
Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu <http://pgp.mit.edu/pks/lookup?op=get&search=0x18F3685C0022BFF3>
|
jessfraz
changed the title
|
I'm want to run img inside a VSTS agent container running in k8s and using Linux agent-deployment-6d5f8c7fc8-56jbc 4.13.0-1016-azure #19-Ubuntu SMP Thu May 3 17:29:51 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux |
|
Yes you can do that, the easiest way is to run the container as privileged.
…On Wed, Jun 6, 2018 at 2:59 AM Amine BIZID ***@***.***> wrote:
I'm want to run img inside a VSTS agent container running in k8s and using
Linux agent-deployment-6d5f8c7fc8-56jbc 4.13.0-1016-azure #19
<#19>-Ubuntu SMP Thu May 3
17:29:51 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#115 (comment)>,
or mute the thread
<https:/notifications/unsubscribe-auth/ABYNbJYJFvJAs3mVh3A_yJbMg2eiHOfjks5t55oDgaJpZM4UcNyl>
.
--
Jessie Frazelle
4096R / D4C4 DD60 0D66 F65A 8EFC 511E 18F3 685C 0022 BFF3
pgp.mit.edu <http://pgp.mit.edu/pks/lookup?op=get&search=0x18F3685C0022BFF3>
|
|
How to do this ? This is my deployment apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: agent-deployment
spec:
replicas: 1
template:
metadata:
labels:
app:
agent-app
spec:
nodeSelector:
beta.kubernetes.io/os: linux
containers:
- image: microsoft/vsts-agent
name: agent-container
env:
- name: VSTS_ACCOUNT
value: xxx
- name: VSTS_TOKEN
value: xxx
- name: VSTS_POOL
value: dockerPool |
|
@aminebizid |
I get this error
failed to solve: failed to mount /tmp/buildkit-mount123570778: [{Type:bind Source:/root/.local/share/img/runc/native/snapshots/snapshots/8 Options:[ro rbind]}]: permission denied
when running
running img build -t amine/api .using this Dockerfile
The text was updated successfully, but these errors were encountered: