Join Log in
Score:0
Cavalcade avatar Server

podman: mount a file system during image build

bs flag
Cavalcade

Using podman/buildah, I want to build a container image that has host file systems already mounted.

I am able to do this with Singularity with sudo singularity build /tmp/lolcow.simg /tmp/lolcow.recipe if those file systems are defined in /etc/singularity/singularity.conf. How can I do this with podman? I am trying to avoid using -v during the podman run stage for this. I'm not tied to Docker compatibility, so if there's a buildah-specific way to do this, great.

The podman-build man page gives as a usage example podman build --volume /home/test:/myvol:ro,Z -t imageName . But when I try it and run the resulting image, the equivalent of the /home/test file system isn't mounted.

565
1 + 0
Score:1
avatar Server
pt flag
larsks

I want to build a container image that has host file systems already mounted.

You can't, primarily because such an image would present a substantial security risk (a container that could force arbitrary host mounts could happily export your entire filesystem to a malicious remote endpoint -- even when running as a non-root user this would still represent a fairly significant problem).

Using the --volume option to podman build mounts the volume inside the container during the build process, but there's no mechanism to instruct Podman (or Docker) to automatically mount something at runtime.

+ 1
Cavalcade avatar
bs flag
Cavalcade
I follow you, but couldn't it mount in directories to which the building user has access? Singularity does something like this. Users who then try to start a container with that image cannot of course access any files their uid doesn't have access to. I should have mentioned everything I'm considering is rootless.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.