Commits on Mar 1, 2022

1. Use storage that better supports rootless overlayfs …

   overlayfs -- the kernel's version, not fuse-overlayfs -- recently learned
   (as of linux 5.16.0, I believe) how to support rootless users. Previously,
   rootless users had to use these storage.conf(5) settings:
   
   * storage.driver=vfs          (aka STORAGE_DRIVER=vfs), or
   * storage.driver=overlay      (aka STORAGE_DRIVER=overlay),
     storage.options.overlay.mount_program=/usr/bin/fuse-overlayfs
                                 (aka STORAGE_OPTS=/usr/bin/fuse-overlayfs)
   
   Now that a third backend is available, setting only:
   
   * storage.driver=overlay      (aka STORAGE_DRIVER=overlay)
   
   #13123 reported EXDEV errors
   during the normal operation of their container. Tracing it out, the
   problem turned out to be that their container was being mounted without
   'userxattr'; I don't fully understand why, but mount(8) mentions this is
   needed for rootless users:
   
   > userxattr
   >
   >   Use the "user.overlay." xattr namespace instead of "trusted.overlay.".
   >   This is useful for unprivileged mounting of overlayfs.
   
   containers/storage#1156 found and fixed the issue
   in podman, and this just pulls in that via
   
       go get github.com/containers/storage@ebc90ab
       go mod vendor
       make vendor
   
   Closes #13123
   
   Signed-off-by: Nick Guenther <nick.guenther@polymtl.ca>

   

   kousu committed Mar 1, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for 572e646
   • Browse repository at this point

   Copy the full SHA

   572e646 View commit details

   Browse the repository at this point in the history