Permission denied on accessing host directory in Docker

by

See this Project Atomic blog post about Volumes and SELinux for the full story.

Specifically:

This got easier recently since Docker finally merged a patch which
will be showing up in docker-1.7 (We have been carrying the patch in
docker-1.6 on RHEL, CentOS, and Fedora).

This patch adds support for “z” and “Z” as options on the volume
mounts (-v).

For example:

docker run -v /var/db:/var/db:z rhel7 /bin/sh

Will automatically do the chcon -Rt svirt_sandbox_file_t /var/db
described in the man page.

Even better, you can use Z.

docker run -v /var/db:/var/db:Z rhel7 /bin/sh

This will label the content inside the container with the exact MCS
label that the container will run with, basically it runs chcon -Rt svirt_sandbox_file_t -l s0:c1,c2 /var/db where s0:c1,c2 differs for
each container.

More Related Contents:

  1. Docker mount to folder overriding content
  2. Mounting nfs shares inside docker container
  3. Docker Compose wait for container X before starting Y
  4. What is the difference between docker-compose ports vs expose
  5. How to run shell script on host from docker container?
  6. Confused about Docker -t option to Allocate a pseudo-TTY
  7. How to mount a single file in a volume
  8. Docker: How to clear the logs properly for a Docker container?
  9. How to specify Memory & CPU limit in docker compose version 3
  10. Access Docker socket within container
  11. How to get a list of images on docker registry v2
  12. How to pass arguments within docker-compose?
  13. Is it possible to start a shell session in a running container (without ssh)
  14. Why are Docker container images so large?
  15. How can I delete Docker’s images?
  16. How to use environment variables in docker-compose?
  17. How do I set hostname in docker-compose?
  18. Keycloak Docker HTTPS required
  19. How do I set environment variables during the build in docker
  20. How to set image name in Dockerfile?
  21. Docker – how can I copy a file from an image to a host?
  22. Using docker-compose with CI – how to deal with exit codes and daemonized linked containers?
  23. How to get Docker containers to talk to each other while running on my local host?
  24. How do I configure docker compose to expose ports correctly?
  25. Change directory command in Docker?
  26. Docker container doesn’t expose ports when –net=host is mentioned in the docker run command
  27. How to tag docker image with docker-compose
  28. Finding the layers and layer sizes for each Docker image
  29. Docker loading kernel modules
  30. docker – how do you disable auto-restart on a container?

Leave a Comment