Hi everyone! I want to be able to access a (fuse-type) cloud drive mounted inside a container as the binary is proprietary and I do not want to mount it on the host for security and privacy purposes. I have tried to quickly spin a podman container and bind the folder that corresponds with the drive with the rshared flag but the folder appears to be empty on the host while inside the container it works just fine.
I am running the following commands:
$ podman unshare mount --make-shared --bind /clouddrive /clouddrive
$ podman run -i -t --cap-add=sys_admin --network host \
--security-opt label=type:container_runtime_t \
-v /cloudbinary:/bin/cloudbinary:ro \
-v /clouddrive:/clouddrive:shared \
--device /dev/fuse:/dev/fuse \
-v /bin:/bin:ro \
-v /lib64:/lib64:ro \
--privileged --name=name image /bin/bash
Inside the rootless container I run:
# cloudbinary login username
<enter password>
<successful login>
# ls /clouddrive
file1 file2 file3
But on the host /clouddrive is empty:
$ ls /clouddrive
<nothing>
Running findmnt -o TARGET,PROPAGATION /clouddrive inside the container yields:
TARGET PROPAGATION
/clouddrive shared,slave
Running findmnt -o TARGET,PROPAGATION /clouddrive on the host yields:
TARGET PROPAGATION
/clouddrive shared,slave
I have almost no prior experience with podman but I read something about how a rootless container might not work because the user and group owning the folder is not the right one. Does anybody have an idea on how to fix this? Thank you.
Update: It seems the cloud binary is unmounting any drive with the same name at startup and mounting it's own drive. Would that be a problem? Running findmnt still shows shared but the slave label has disappeared after the binary mounts it's own drive. Is there anyway to "reshare" it at runtime/dynamically?