Mount SMB/CIFS share within a Docker container

linux windows docker mount cifs
95,181

Solution 1

Yes, Docker is preventing you from mounting a remote volume inside the container as a security measure. If you trust your images and the people who run them, then you can use the --privileged flag with docker run to disable these security measures.

Further, you can combine --cap-add and --cap-drop to give the container only the capabilities that it actually needs. (See documentation) The SYS_ADMIN capability is the one that grants mount privileges.

Solution 2

  1. yes
  2. There is a closed issue mount.cifs within a container

https://github.com/docker/docker/issues/22197

according to which adding

--cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH

to the run options will make mount -t cifs operational.

I tried it out and:

mount -t cifs //<host>/<path> /<localpath> -o user=<user>,password=<user>

within the container then works

Solution 3

You could use the smbclient command (part of the Samba package) to access the SMB/CIFS server from within the Docker container without mounting it, in the same way that you might use curl to download or upload a file.

There is a question on StackExchange Unix that deals with this, but in short:

smbclient //server/share -c 'cd /path/to/file; put myfile'

For multiple files there is the -T option which can create or extract .tar archives, however this looks like it would be a two step process (one to create the .tar and then another to extract it locally). I'm not sure whether you could use a pipe to do it in one step.

Solution 4

You can use a Netshare docker volume plugin which allows to mount remote CIFS/Samba as volumes.

Share:
95,181
Kryten
Author by

Kryten

Updated on October 06, 2020

Comments

  • Kryten
    Kryten over 3 years

    I have a web application running in a Docker container. This application needs to access some files on our corporate file server (Windows Server with an Active Directory domain controller). The files I'm trying to access are image files created for our clients and the web application displays them as part of the client's portfolio.

    On my development machine I have the appropriate folders mounted via entries in /etc/fstab and the host mount points are mounted in the Docker container via the --volume argument. This works perfectly.

    Now I'm trying to put together a production container which will be run on a different server and which doesn't rely on the CIFS share being mounted on the host. So I tried to add the appropriate entries to the /etc/fstab file in the container & mounting them with mount -a. I get mount error(13): Permission denied.

    A little research online led me to this article about Docker security. If I'm reading this correctly, it appears that Docker explicitly denies the ability to mount filesystems within a container. I tried mounting the shares read-only, but this (unsurprisingly) also failed.

    So, I have two questions:

    1. Am I correct in understanding that Docker prevents any use of mount inside containers?

    2. Can anyone think of another way to accomplish this without mounting a CIFS share on the host and then mounting the host folder in the Docker container?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Data permissions Docker for Windows
Unable to start: The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop
How to enable the Docker Remote API on Windows
Mounting windows share with non-root users?
How do I mount a CIFS share?
Mount a USB disk in Linux which was not properly unmounted in Windows
How to troubleshoot CIFS error -13 (Permission Denied)?
How to mount a NTFS USB harddrive to Mac OS X that was unsave removed from Windows?
Ubuntu can't mount windows share
Using CIFS to mount a Windows share that symlinks another Windows share