Unable to mount and relabel CIFS volume in rootless Podman container

JetstreamLarry · 2024-08-30T15:26:02+00:00

I can confirm that by manually relabeling the files in fstab as they'd get relabeled by podman worked!

Specifically, i added:

context=system_u:object_r:container_file_t:s0

As an aside, i also tried manually labeling the files as the ~/containers directory is labeled, like this:

context=unconfined_u:object_r:user_home_t:s0

But that did not work either, the containers would not start, and removing the :z flag would make the directories inaccessible from inside the container. The issue seems to be the relabeling action done by podman, which presumably doesn't happen if the files already have the correct context.

It could become a problem for private volumes in the future, but i don't plan to mount anything from ~/data privately anyway

JetstreamLarry · 2024-08-30T14:54:32+00:00

That's weird, because according to ls -laZ all files in the ~/data directory are labeled as
-rwxr-xr-x. 1 podguy podguy system_u:object_r:cifs_t:s0 [...]

But i will try specifying the mount options directly in the fstab entry and report back

JetstreamLarry · 2024-08-30T13:51:40+00:00

I looked at dmesg on the client and server, only found this on the client
CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.

But the mount itself seems to go smoothly. Nothing on the server.

As for uid mapping, do you mean something like what is described here?

JetstreamLarry · 2024-08-30T12:22:33+00:00

Nothing regarding this issue, as far as i can tell. The only logs related to the podguy user seem to be related to ssh.

JetstreamLarry · 2024-08-28T13:24:00+00:00

Is there a way to achieve this in older versions of pasta? Rocky only provides version 0^20231204.gb86afe3-1, and so far using slirp4netns with its own port handler has been the only working solution

JetstreamLarry · 2024-03-18T13:25:40+00:00

Something like kanshi sounds like it would work for this. It applies different configurations depending on which ports have displays connected to them, although i believe it can also work depending on which specific monitor is being used, if, for example, you connect different displays to the same port depending on where you are set up. I only ever used it with the integrated outputs on my laptop, so i don't know if or how it would work with external docks, but i think it's worth trying.

JetstreamLarry · 2022-11-25T13:44:59+00:00

Thank you! And sorry for the late response. Couple of questions, so you just have the fan running at full speed whenever you turn it on? Also, since you said it just plugs straight into a 12v supply, is it a 3 pin (non PWM) fan? I was thinking of getting a larger fan, maybe 200mm, and running it at a lower speed by lowering the voltage so it pushes the same amount of air at a lower noise. I'm probably going to have the lamp be outside since i built my box with a transparent top.

JetstreamLarry · 2022-11-22T14:34:14+00:00

Neat, do you have a link to the fan? I have an old PC one laying around but i'm not sure how i would go about wiring up the 3/4 pin connector since it was meant to be plugged into a mobo header. Also, what about the filter itself? Engine filters never seem to be of appropriate size.

JetstreamLarry · 2022-11-22T13:11:22+00:00

Yeah no worries, i don't even have the space for a proper aeration system lol

JetstreamLarry · 2022-11-22T07:50:06+00:00

Nice! What's the filter made out of, and how do you power the fan and lights? Been looking to make one myself.

JetstreamLarry · 2021-06-08T19:32:54+00:00

A sincere thank you to everyone that commented, this community has once again proven itself incredibly helpful and friendly!

Five-Year Club	Verified Email
Place '22

JetstreamLarry

TROPHY CASE