For some reason (custom kernel with user namespace activated), my container filesystem owners and permissions have lots of errors. In short, some files/folders belong to nobody/nobody when in fact they should be owned by root:root. I can manage to partially fix things from the host, where I can chown vu-poppy-0:vg-poppy-0 (poppy is obviously the container name) the files/folders. I can also use the fuidshift command. I say partially as the owner group will always stay nobody.
But I have a problem when it comes to upgrading (container is Fedora, host Arch) some packages, filesystem being one of them. To upgrade, the system needs access to /proc/filesystems, which is unfortunately owned by nobody:nobody and can't be changed from the host. And the proc folder is empty for the host, so I can't chown from the host. How can I access (if I can) the container /proc from the host?

In general, to solve this annoying owner issue in the container (nobody:nobody), I was thinking of making root part of the nobody group. I know this is a hack, but are there any troubles down the road in doing this?

Thank you for help or hints.

_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel