I am using docker on RHEL 7. After mounting a host directory into a container, something interesting happens: although I am the root user and seem to have all permissions, the system reports “Permission denied” when executing commands:
# docker run -v /root:/test --rm -it debian ls /test
ls: cannot open directory /test: Permission denied
After a tough investigation, I found that the root cause is SELinux:
# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
The current SELinux mode is enforcing, and I have 2 solutions to resolve it now:
(1) Add the --privileged option to the docker run command:
# docker run --privileged -v /root:/test --rm -it debian ls /test
Desktop Pictures anaconda-ks.cfg linuxamd64_12102_database_1of2.zip
Documents Public database linuxamd64_12102_database_2of2.zip
Downloads Templates docker-oracle12c sysdig
Music Videos initial-setup-ks.cfg
(2) Set the SELinux mode to permissive:
# setenforce 0
# docker run -v /root:/test --rm -it debian ls /test
Desktop Downloads Pictures Templates anaconda-ks.cfg docker-oracle12c linuxamd64_12102_database_1of2.zip sysdig
Documents Music Public Videos database initial-setup-ks.cfg linuxamd64_12102_database_2of2.zip
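To confirm that a denial like the one above comes from SELinux labelling rather than file permissions, the audit log records which container domain was refused access to which host label. The following is an added example, not part of the original post: it parses AVC records from constructed sample lines and assumes the container process types `svirt_lxc_net_t` (RHEL 7 era policy) and `container_t` (later policy).

```shell
#!/bin/sh
# Summarise SELinux AVC denials raised against container processes.
# Reads audit.log-style lines on stdin and prints, per denial:
#   comm|permissions|class|source_type|target_type

# Assumed container process types: svirt_lxc_net_t (RHEL 7 era policy)
# and container_t (later container-selinux policy).
CONTAINER_TYPES='svirt_lxc_net_t container_t'

# Print the type field of a context such as user:role:type:level.
ctx_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Print the first capture group of sed pattern $2 applied to line $1.
field() {
    printf '%s\n' "$1" | sed -n "s/$2/\\1/p"
}

container_denials() {
    grep 'avc:  *denied' | while IFS= read -r line; do
        perms=$(field "$line" '.*denied *{ *\([^}]*[^} ]\) *}.*')
        comm=$(field "$line" '.* comm="\([^"]*\)".*')
        stype=$(ctx_type "$(field "$line" '.* scontext=\([^ ]*\).*')")
        ttype=$(ctx_type "$(field "$line" '.* tcontext=\([^ ]*\).*')")
        tclass=$(field "$line" '.* tclass=\([^ ]*\).*')
        # Report only denials whose source domain is a container type.
        for t in $CONTAINER_TYPES; do
            if [ "$stype" = "$t" ]; then
                printf '%s|%s|%s|%s|%s\n' "$comm" "$perms" "$tclass" "$stype" "$ttype"
            fi
        done
    done
}

# Constructed sample records (not taken from a real host).
sample_log() {
    cat <<'EOF'
type=AVC msg=audit(1450000000.101:501): avc:  denied  { read } for  pid=4242 comm="ls" name="root" dev="dm-0" ino=133 scontext=system_u:system_r:svirt_lxc_net_t:s0:c12,c34 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
type=SYSCALL msg=audit(1450000000.101:501): arch=c000003e syscall=257 success=no exit=-13 comm="ls" exe="/bin/ls"
type=AVC msg=audit(1450000000.202:502): avc:  denied  { name_connect } for  pid=4300 comm="httpd" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket
EOF
}

sample_log | container_denials
```

On a real host, feed it the output of `ausearch -m avc -ts recent` or the contents of `/var/log/audit/audit.log`. Knowing the target type makes a narrower fix possible, such as mounting a dedicated directory with Docker's `:z` or `:Z` volume suffix so it is relabelled for container use, instead of turning off confinement with `--privileged` or `setenforce 0`.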