sickcodes / Docker-OSX

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
https://hub.docker.com/r/sickcodes/docker-osx
GNU General Public License v3.0

read/write shared folder #479

Open manang opened 2 years ago

manang commented 2 years ago

Hi, I'm trying to add a read/write shared folder. This is my script:

docker run -it \
    --name test \
    --device /dev/kvm \
    -p 50923:10022 \
    -v "${SHARE}:/mnt/hostshare" \
    -e "OSX_COMMANDS=/bin/bash -c \"echo alpine | sudo -S mount_9p hostshare && touch /Volumes/hostshare/xx.txt && ls /Volumes/ho>
    -e EXTRA="-virtfs local,path=/mnt/hostshare,mount_tag=hostshare,security_model=passthrough,id=hostshare" \
    -v "${PWD}/mac_hdd_ng_auto_big_sur.img:/image" \
    sickcodes/docker-osx:naked-auto

macOS can read, but it can't write to /Volumes/hostshare. How can I add the grants to write data on the volume? Thanks

Angelo

manang commented 2 years ago

I want to add that my VM user has uid 1001, and the uid of the user in the Docker image is 1000. I tried to change the uid of the macOS user from 501 to 1001, but it didn't help; I can't write to the shared volume. Do you have any hints?

sickcodes commented 2 years ago

https://github.com/sickcodes/Docker-OSX#share-folder-with-docker-osx-qemu-macos

There are other options such as NFS which might be substantially easier: https://github.com/sickcodes/Docker-OSX#share-linux-nfs-drive-into-macos

manang commented 2 years ago

Hi, thanks for your answer. The problem is that the uid of the macOS user has to be the same as that of the user in the Docker instance and of the user in the host VM. So, with the first link I can set up a read folder, but not a write folder. I'm trying the second.

ugurcan377 commented 2 years ago

I was having the same problem: I was able to create and write to files, but unable to create new directories and such. I managed to fix it by changing the security_model of the -virtfs from passthrough to none. The QEMU documentation explains the differences like this:

passthrough: Files are stored using the same credentials as they are created on the guest. This requires QEMU to run as root.
none: Same as "passthrough" except the server won't report failures if it fails to set file attributes like ownership (chown). This makes a passthrough like security model usable for people who run kvm as non root.

After this change I was able to create directories within the shared folder.
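
The UID mismatch and the security_model choice discussed in this thread, as an added example that is not part of any comment or of the Docker-OSX project: a pre-flight check that tells whether the UID QEMU runs as can create files in the shared directory, and prints a matching -virtfs value for EXTRA. It assumes a Linux host with GNU stat, that the bind mount keeps the host's numeric ownership, and that ACLs and supplementary groups are not in play; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for the 9p share used with Docker-OSX.
# Assumptions: Linux host, GNU stat, no ACLs, no supplementary groups.

# Can uid:gid create entries in a directory with this owner, group and octal mode?
# Creating files or directories needs both write and search (execute) permission.
can_write_dir() {
    local uid="$1" gid="$2" owner="$3" group="$4" mode="$5" shift_by
    [ "$uid" -eq 0 ] && return 0                    # root bypasses mode bits
    if   [ "$uid" -eq "$owner" ]; then shift_by=6   # owner bits apply
    elif [ "$gid" -eq "$group" ]; then shift_by=3   # group bits apply
    else shift_by=0                                 # other bits apply
    fi
    [ $(( (0$mode >> $shift_by) & 3 )) -eq 3 ]      # both w and x must be set
}

# Per the QEMU text quoted above: passthrough requires QEMU to run as root;
# none behaves the same but does not report failed chown/attribute changes.
pick_security_model() {
    if [ "$1" -eq 0 ]; then echo passthrough; else echo none; fi
}

# Print a -virtfs value for the host directory bind-mounted at /mnt/hostshare,
# or explain on stderr why the UID QEMU runs as cannot write to it.
virtfs_extra() {
    local dir="$1" q_uid="$2" q_gid="$3" info
    info=$(stat -c '%u %g %a' "$dir") || return 2
    set -- $info                                    # $1=owner uid, $2=group gid, $3=mode
    if ! can_write_dir "$q_uid" "$q_gid" "$1" "$2" "$3"; then
        echo "uid $q_uid cannot create files in $dir (owner $1:$2, mode $3)" >&2
        return 1
    fi
    printf '%s\n' "-virtfs local,path=/mnt/hostshare,mount_tag=hostshare,security_model=$(pick_security_model "$q_uid"),id=hostshare"
}

# Constructed case using the UIDs mentioned in the thread: share owned by host
# uid 1001 with mode 755, QEMU inside the container running as uid 1000.
if can_write_dir 1000 1000 1001 1001 755; then
    echo "uid 1000 can write to the share"
else
    echo "uid 1000 can only read the share"
fi
```

On a real host, call `virtfs_extra "$SHARE" 1000 1000` and pass the printed string as `-e EXTRA=...`.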

sickcodes commented 2 years ago

The easiest way is using sshfs over the network; you get read write to the whole disk