Closed hyperreal64 closed 2 years ago
This setup works fine for me on plain Fedora 35. I tried PUID/PGID 0, as well as my own user IDs, and the ownership was changed successfully. I wonder if this is further restrictions inside CoreOS.
I've also typically not seen the PUID/PGID vars used with values of 0. I wonder if the following could work:
- suricata user and a suricata group.
- /var/log/suricata owned by the suricata user and group.

I'll try on Fedora Silverblue in hopes it's closer to Core, but haven't really been able to understand how to install Core.
Ah, it's SELinux. Try adding :z to your volume, i.e.:
sudo podman run -e PUID=0 -e PGID=0 --name suricata -it --net=host --cap-add=net_raw --cap-add=net_admin --cap-add=sys_nice -v /var/log/suricata:/var/log/suricata:z jasonish/suricata:latest -i ens3
Yes, using :z on the volume works!
I get this error when running with podman:
Output:
The error occurs no matter where I map /var/log/suricata to on the host. The PUID and PGID env settings don't seem to have an effect. I haven't tested this on Docker so this may be specific to podman. I suspect that the user and group ownership on /var/log/suricata being the suricata user in the container has something to do with it.
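
Added example, not part of the original thread or the jasonish/suricata project: a shell check for the SELinux cause identified in the replies, deciding whether a bind mount such as /var/log/suricata needs the :z option. The function names are hypothetical, the sample contexts are constructed, and it assumes container processes may write only to content labelled container_file_t.

```shell
#!/bin/sh
# Added example: predict whether SELinux will block a podman bind mount.
# Assumption: containers may write only to container_file_t content.

# Print the type field of a context like system_u:object_r:var_log_t:s0
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Print the option list of a -v spec (host:container[:opts]); empty if none.
volume_opts() {
    case "$1" in
        *:*:*) printf '%s\n' "${1##*:}" ;;
        *)     printf '\n' ;;
    esac
}

# Succeed if the spec asks podman to relabel (z = shared, Z = private).
has_relabel() {
    case ",$(volume_opts "$1")," in
        *,z,*|*,Z,*) return 0 ;;
        *)           return 1 ;;
    esac
}

# mount_verdict MODE CONTEXT VOLSPEC -> one-line verdict on stdout
mount_verdict() {
    mode=$1; ctx=$2; spec=$3
    if [ "$mode" != "Enforcing" ]; then
        echo "ok: SELinux is not enforcing"
    elif has_relabel "$spec"; then
        echo "ok: podman relabels the host path"
    elif [ "$(selinux_type "$ctx")" = "container_file_t" ]; then
        echo "ok: host path is already container_file_t"
    else
        echo "denied: add :z (shared) or :Z (private) to the volume"
    fi
}

# Constructed sample: a log directory carrying the default var_log_t label.
CTX='system_u:object_r:var_log_t:s0'
mount_verdict Enforcing "$CTX" '/var/log/suricata:/var/log/suricata'
mount_verdict Enforcing "$CTX" '/var/log/suricata:/var/log/suricata:z'

# On a real host, feed it live values instead:
# mount_verdict "$(getenforce)" "$(stat -c %C /var/log/suricata)" \
#     '/var/log/suricata:/var/log/suricata'
```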