I have a problem with mounting a volume of mysql.
podman run -d --name mysql -e MYSQL_ROOT_PASSWORD=password -v /home/student/mysql:/var/lib/mysql:Z docker.io/library/mysql:latest
This is my command. As soon as I run it, it creates files in /home/student/mysql and it works; as soon as I delete it and try to run it again, I get this in the logs:
find: '/var/lib/mysql/mysql.sock': Permission denied
chown: cannot access '/var/lib/mysql/mysql.sock': Permission denied
In /home/student/mysql there is a symlink:
mysql.sock -> /var/run/mysqld/mysqld.sock
So, following my idea, I also mounted the /var/run/mysqld container directory to /home/student/mysqld
Command:
podman run -d --name mysql -e MYSQL_ROOT_PASSWORD=password -v /home/student/mysql:/var/lib/mysql:Z -v /home/student/mysqld:/var/run/mysqld:Z docker.io/library/mysql:latest
Then I also tried to run it, but with no luck: the symlink "mysql.sock -> /var/run/mysqld/mysqld.sock" points to the wrong place and I don't know how to edit it... I tried creating the symlink myself, no luck. As soon as the container stops running, the mysqld.sock file disappears. If I run the container the first time (I delete /home/student/mysql/mysql.sock, therefore it runs just the first time as the file is created) and try to create a symlink mysql.sock -> /home/student/mysqld/mysqld.sock, I cannot podman unshare chown 999:999 the file; nothing happens.
I'm beating my head against the wall right now, it's so frustrating. Am I missing something? (This is my first time facing symlinks in container volumes.)
Okay trying to use your steps:
I will use /home/linda/testfolder:
Ran the container then deleted it and ran it again:
It won't work? Same steps etc... confusion.
Tried something:
So I disabled SELinux and it works?
Is your SELinux disabled?
Nopes.
Okay, I'm really confused right now...
Making directory empty:
Running it the first time (using literally same command only folder different name):
Now removing it and starting again:
Getting the same error... SELinux is enforcing.
And the SELinux context seems to be correct?
OK, at least the Red Hat image is working fine for you.
Check these 2 screenshots:
Hmm, for me it works only the first time, when the files are created in the directory. The second time I run it, it won't work...
I am using literally same commands as you are.
Can you try using the command: podman run -d --name db -e MYSQL_USER=developer -e MYSQL_PASSWORD=redhat -e MYSQL_DATABASE=inventory -e MYSQL_ROOT_PASSWORD=redhat -p 13306:3306 -v *yourfolderhere*:/var/lib/mysql:Z docker.io/library/mysql:latest
run it once then do:
podman rm -f db
and run the same command again.
Thanks!
OKAY, going crazy about it, it's literally 1:30 am.
Found the solution and it's confusing (at least for me).
Tried different things... found out it's an SELinux issue.
Just for fun I tried changing :Z to lowercase :z
From: -v /home/linda/testfolder:/var/lib/mysql:Z
To: -v /home/linda/testfolder:/var/lib/mysql:z
Works fine, zero problems whatsoever??
Can someone explain the difference between uppercase :Z and lowercase :z? I didn't get any AVC messages when using the :Z option and SELinux was definitely blocking access for the container.
I'm so relieved and finally can go to sleep haha
@Evaldas_R The z option indicates that the bind mount content is shared among multiple containers.
The Z option indicates that the bind mount content is private and unshared.
https://docs.docker.com/engine/storage/bind-mounts/#configure-bind-propagation
Check here for more details about private and shared labels : https://blog.christophersmart.com/2021/01/31/podman-volumes-and-selinux/
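The shared versus private labels described in the answer above can be checked by comparing SELinux contexts. This is an added example, not part of the original thread: the label strings are constructed samples, the function names are hypothetical, and it assumes MCS categories are written as a plain comma-separated list (no ranges).

```shell
#!/bin/sh
# Added example: classify a bind-mount label relative to a container process label.
# On a real host the two inputs would come from:
#   podman inspect --format '{{.ProcessLabel}}' db
#   ls -dZ /home/linda/testfolder

# Print the type field (3rd field of user:role:type:level[:categories]).
selinux_type() { printf '%s\n' "$1" | cut -d: -f3; }

# Print the MCS categories (5th field); empty when the label is plain "s0".
mcs_categories() { printf '%s\n' "$1" | cut -d: -f5; }

# Usage: classify_mount <process-label> <file-label>
classify_mount() {
    proc_label=$1
    file_label=$2
    if [ "$(selinux_type "$file_label")" != "container_file_t" ]; then
        echo "not-container-labelled"; return 0
    fi
    file_cats=$(mcs_categories "$file_label")
    if [ -z "$file_cats" ]; then
        echo "shared"; return 0            # what :z produces, usable by any container
    fi
    proc_cats=$(mcs_categories "$proc_label")
    # :Z content carries one container's category pair; the process must hold each one.
    for c in $(printf '%s' "$file_cats" | tr ',' ' '); do
        case ",$proc_cats," in
            *",$c,"*) ;;
            *) echo "private-to-another-container"; return 0 ;;
        esac
    done
    echo "private-to-this-container"
}

# Constructed sample labels (not taken from the thread).
PROC_FIRST='system_u:system_r:container_t:s0:c111,c222'
PROC_SECOND='system_u:system_r:container_t:s0:c333,c444'
MOUNT_BIG_Z='system_u:object_r:container_file_t:s0:c111,c222'
MOUNT_SMALL_Z='system_u:object_r:container_file_t:s0'
MOUNT_HOME='unconfined_u:object_r:user_home_t:s0'

echo "first container,  :Z mount: $(classify_mount "$PROC_FIRST" "$MOUNT_BIG_Z")"
echo "second container, :Z mount: $(classify_mount "$PROC_SECOND" "$MOUNT_BIG_Z")"
echo "second container, :z mount: $(classify_mount "$PROC_SECOND" "$MOUNT_SMALL_Z")"
echo "unlabelled home directory:  $(classify_mount "$PROC_FIRST" "$MOUNT_HOME")"
```

If files under the mount still show an earlier container's category pair after a new container starts, that mismatch is the first thing to look for with ls -Z.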
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.