I want to cif mount a directory into a docker-container. As there are solutions to this, I tried the --privileged flag and setting the capabilities needed:
docker-compose.yaml:
version: '2.0'
services:
mounttest:
image: test
privileged: true
cap_add:
- SYS_ADMIN
- DAC_READ_SEARCH
restart: unless-stopped
container_name: test
mem_limit: 500m
build:
context: .
dockerfile: Dockerfile
volumes:
- .:/apps/docker-test/
Dockerfile:
FROM ubuntu:18.04
ADD . /apps/docker-test/
# APT-GET
RUN apt-get update && apt-get install -y \
sudo \
cifs-utils
# CHMOD SHELL SCRIPTS
RUN chmod 0755 /apps/docker-test/run.sh
RUN chmod 0755 /apps/docker-test/build.sh
RUN /apps/docker-test/build.sh
CMD bash /apps/docker-test/run.sh
build.sh:
mkdir -p /test_folder
echo "Mount"
sudo mount -t cifs -o username=XXX,password=XXX,workgroup=XX //server/adress$ /test_folder
run.sh starts a python script
This does not work, instead:
docker-compose build
gives me the error:
Unable to apply new capability set
All the solutions I found only mention the privileged flag or capabilities, which are set. Can anyone help?
The answer I found, is to put the mount command into the run.sh file. As the command (or CMD) in the Dockerfile is only executed when running
docker-compose up
the mount will only be executed after the build, done beforehand, is already finished.
Therefore, before starting the python script, the mount command is executed. In my case, that only worked with the privileged flag set to true.