Evaldas_R
Mission Specialist

Podman volume mount /var/lib/mysql problem.


I have a problem with mounting a volume of mysql.

podman run -d --name mysql -e MYSQL_ROOT_PASSWORD=password -v /home/student/mysql:/var/lib/mysql:Z docker.io/library/mysql:latest

This is my command. As soon as I run it, it creates files in /home/student/mysql and it works. As soon as I delete it and try to run it again, I get in the logs:

find: '/var/lib/mysql/mysql.sock': Permission denied
chown: cannot access '/var/lib/mysql/mysql.sock': Permission denied

In /home/student/mysql there is a symlink:

mysql.sock -> /var/run/mysqld/mysqld.sock

So, following my idea, I also mounted the /var/run/mysqld container directory to /home/student/mysqld

Command:

podman run -d --name mysql -e MYSQL_ROOT_PASSWORD=password -v /home/student/mysql:/var/lib/mysql:Z -v /home/student/mysqld:/var/run/mysqld:Z docker.io/library/mysql:latest

Then I also tried to run it, but with no luck: the symlink "mysql.sock -> /var/run/mysqld/mysqld.sock" forwards to the wrong place and I don't know how to edit it... Tried creating the symlink myself, no luck. As soon as the container stops running, the mysqld.sock file disappears. If I try to run the container the first time (I delete /home/student/mysql/mysql.sock, therefore it runs just the first time as the file is created) and try to create the symlink mysql.sock -> /home/student/mysqld/mysqld.sock, I cannot podman unshare chown 999:999 the file; nothing happens.

I'm beating my head against the wall right now, it's so frustrating. Am I missing something? (This is my first time facing symlinks in container volumes.)

 

 

Chetan_Tiwary_
Community Manager

@Evaldas_R I tried with the docker image as well, can't see the error:

[screenshot]

Evaldas_R
Mission Specialist

Okay trying to use your steps:

I will use /home/linda/testfolder:

[screenshot]

Ran the container, then deleted it and ran it again:

[screenshot]

It won't work? Same steps etc... confusion

[screenshot]

Tried something:

So I disabled SELinux and it works?

[screenshot]

[screenshot]

Is your SELinux disabled?

Chetan_Tiwary_
Community Manager

Nopes.

[screenshot]

Evaldas_R
Mission Specialist

Okay, I'm really confused right now...

Making the directory empty:

[screenshot]

[screenshot]

Running it the first time (using literally the same command, only the folder has a different name):

[screenshot]

Now removing it and starting again:

[screenshot]

Getting the same error... SELinux is enforcing.

And the SELinux context seems to be correct?

[screenshot]

Chetan_Tiwary_
Community Manager

OK, at least the Red Hat image is working fine for you.

Check these 2 screenshots:

[screenshot] [screenshot]

[screenshot]

Evaldas_R
Mission Specialist

Hmm, for me it works only the first time, when the files are created in the directory; the second time I run it, it won't work...

I am using literally the same commands as you are.

Can you try using the command:

podman run -d --name db -e MYSQL_USER=developer -e MYSQL_PASSWORD=redhat -e MYSQL_DATABASE=inventory -e MYSQL_ROOT_PASSWORD=redhat -p 13306:3306 -v *yourfolderhere*:/var/lib/mysql:Z docker.io/library/mysql:latest

run it once then do:

podman rm -f db

and run the same command again.

Thanks!

Evaldas_R
Mission Specialist

OKAAY, going crazy about it, it's literally 1:30 am.

Found the solution and it's confusing (at least for me).

Tried different things... found out it's an SELinux issue.

Just for fun I tried changing :Z to lowercase :z

From: -v /home/linda/testfolder:/var/lib/mysql:Z

To: -v /home/linda/testfolder:/var/lib/mysql:z

[screenshot]

Works fine, zero problems whatsoever??

[screenshot]

Can someone explain the difference between uppercase :Z and lowercase :z? I didn't get any AVC messages when using the :Z option, and SELinux was definitely blocking access for the container.

I'm so relieved and can finally go to sleep, haha.

Chetan_Tiwary_
Community Manager

@Evaldas_R The z option indicates that the bind mount content is shared among multiple containers.
The Z option indicates that the bind mount content is private and unshared.

https://docs.docker.com/engine/storage/bind-mounts/#configure-bind-propagation

Check here for more details about private and shared labels : https://blog.christophersmart.com/2021/01/31/podman-volumes-and-selinux/
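
Added example (not part of the thread or of anyone's posted commands): the private label applied by :Z carries MCS categories after the sensitivity level, while the shared label applied by :z has none, so the two can be told apart in `ls -Z` output. The script classifies a context string and lists entries in a volume directory whose label differs from the directory's own; the function names are hypothetical and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: tell a private (:Z) label from a shared (:z) label.
# An SELinux context is user:role:type:sensitivity[:categories].

# classify_context CONTEXT -> private | shared | not-container
classify_context() {
    setype=$(printf '%s\n' "$1" | cut -d: -f3)
    cats=$(printf '%s\n' "$1" | cut -d: -f5-)
    if [ "$setype" != container_file_t ]; then
        echo not-container      # never relabelled for container use
    elif [ -n "$cats" ]; then
        echo private            # MCS categories present: :Z style
    else
        echo shared             # bare s0 level: :z style
    fi
}

# mismatched_labels: reads "CONTEXT NAME" lines (the shape of `ls -Z`),
# the first line being the volume directory itself, and prints the names
# of entries whose context differs from the directory's.
mismatched_labels() {
    awk 'NR == 1 { want = $1; next } $1 != want { print $2 }'
}

# Constructed sample listing (not captured from the thread's host).
SAMPLE='system_u:object_r:container_file_t:s0:c111,c222 .
system_u:object_r:container_file_t:s0:c111,c222 ibdata1
system_u:object_r:container_file_t:s0:c333,c444 mysql.sock'

dir_ctx=$(printf '%s\n' "$SAMPLE" | head -n 1 | cut -d' ' -f1)
echo "volume directory label is $(classify_context "$dir_ctx")"
printf '%s\n' "$SAMPLE" | mismatched_labels | while read -r name; do
    echo "label differs from directory: $name"
done
```

On a host, the same input shape comes from `ls -Zd1` on the volume directory followed by `ls -ZA1` on its contents; names containing spaces are not handled.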
