Otdfbt

Average spam confidence

Cause of continuous spectral lines

Is it possible to (7 day) schedule sleep time of a hard drive?

After the loss of Challenger, why weren’t Galileo and Ulysses launched by Centaurs on expendable boosters?

How to pass a regex when finding a directory path in bash?

What LISP compilers and interpreters were available for 8-bit machines?

Why only the fundamental frequency component is said to give useful power?

How to generate random points without duplication?

What can plausibly explain many of my very long and low-tech bridges?

Do any instruments not produce overtones?

Select items in a list that contain criteria

Notation of last measure of a song with a pickup measure

What are the words for people who cause trouble believing they know better?

Does there exist a word to express a male who behaves as a female?

Subtables with equal width?

PL/SQL function to receive a number and return its binary format

4*4*4 Rubiks cube Top Layer Issue

How can drunken, homicidal elves successfully conduct a wild hunt?

How hard would it be to convert a glider into an powered electric aircraft?

Can you really not move between grapples/shoves?

Does the first version of Linux developed by Linus Torvalds have a GUI?

How to make a setting relevant?

How many pairs of subsets can be formed?

Why is the application of an oracle function not a measurement?

Can not delete btrfs subvolume inside Docker

LVM snapshot of btrfs volume changes mounted deviceAutomatically add new vhosts to docker nginx containerDocker Port Forwarding and Privileged Flag not workingConfusion with Jenkins Docker Plugin and Jenkins Docker SlavesHow to persist all Jenkins data on an EBS volume in dockerStarting specific task containers from inside a coordinator containerHow can I automatically restart my Docker containers with container auto-delete?Docker Composer - Failing to run my webapp and mysql imagesHow to recover unrecoverable errors in a btrfs RAID1 volume?Jenkins: Docker plugin, “All nodes of label […] are offline”

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

2

I have a btrfs partition (mounted on /srv) on my host system with a
subvolume (old).
I would like to manage it from a docker container (I have launched it
with -v /srv:/srv).

While I'm perfectly able to create a snapshot of it, I can not list
other subvolume and/or delete them:

user@host:~$ docker exec -ti jenkins-slave bash
root@a5496f6bd14b:~# btrfs subvolume snapshot /srv/old /srv/new
Create a snapshot of '/srv/old' in '/srv/new'
root@a5496f6bd14b:~# ls /srv
new old
root@a5496f6bd14b:~# btrfs subvolume delete /srv/new
Delete subvolume (no-commit): '/srv/new'
ERROR: cannot delete '/srv/new': Operation not permitted
root@a5496f6bd14b:~# btrfs subvolume list /srv/new
ERROR: can't perform the search - Operation not permitted
root@a5496f6bd14b:~# ls /srv
new old

While I'm still able to do it from the host system.

linux docker btrfs

share|improve this question

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

add a comment | 

2

I have a btrfs partition (mounted on /srv) on my host system with a
subvolume (old).
I would like to manage it from a docker container (I have launched it
with -v /srv:/srv).

While I'm perfectly able to create a snapshot of it, I can not list
other subvolume and/or delete them:

user@host:~$ docker exec -ti jenkins-slave bash
root@a5496f6bd14b:~# btrfs subvolume snapshot /srv/old /srv/new
Create a snapshot of '/srv/old' in '/srv/new'
root@a5496f6bd14b:~# ls /srv
new old
root@a5496f6bd14b:~# btrfs subvolume delete /srv/new
Delete subvolume (no-commit): '/srv/new'
ERROR: cannot delete '/srv/new': Operation not permitted
root@a5496f6bd14b:~# btrfs subvolume list /srv/new
ERROR: can't perform the search - Operation not permitted
root@a5496f6bd14b:~# ls /srv
new old

While I'm still able to do it from the host system.

linux docker btrfs

share|improve this question

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

add a comment | 

I have a btrfs partition (mounted on /srv) on my host system with a
subvolume (old).
I would like to manage it from a docker container (I have launched it
with -v /srv:/srv).

While I'm perfectly able to create a snapshot of it, I can not list
other subvolume and/or delete them:

user@host:~$ docker exec -ti jenkins-slave bash
root@a5496f6bd14b:~# btrfs subvolume snapshot /srv/old /srv/new
Create a snapshot of '/srv/old' in '/srv/new'
root@a5496f6bd14b:~# ls /srv
new old
root@a5496f6bd14b:~# btrfs subvolume delete /srv/new
Delete subvolume (no-commit): '/srv/new'
ERROR: cannot delete '/srv/new': Operation not permitted
root@a5496f6bd14b:~# btrfs subvolume list /srv/new
ERROR: can't perform the search - Operation not permitted
root@a5496f6bd14b:~# ls /srv
new old

While I'm still able to do it from the host system.

linux docker btrfs

share|improve this question

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

user@host:~$ docker exec -ti jenkins-slave bash
root@a5496f6bd14b:~# btrfs subvolume snapshot /srv/old /srv/new
Create a snapshot of '/srv/old' in '/srv/new'
root@a5496f6bd14b:~# ls /srv
new old
root@a5496f6bd14b:~# btrfs subvolume delete /srv/new
Delete subvolume (no-commit): '/srv/new'
ERROR: cannot delete '/srv/new': Operation not permitted
root@a5496f6bd14b:~# btrfs subvolume list /srv/new
ERROR: can't perform the search - Operation not permitted
root@a5496f6bd14b:~# ls /srv
new old

share|improve this question

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

share|improve this question

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

asked May 20 at 16:51

GlinesMomeGlinesMome

152210

1 Answer
1

active

oldest

votes

1

It appears this behavior is due to a Docker configuration setting.

I was able to get this to work by adding the "Linux Capability" CAP_SYS_ADMIN at Docker runtime.

docker run -d -t --cap-add SYS_ADMIN -v /mnt.btrfs:/mnt.btrfs debbtrfs

CAP_SYS_ADMIN

Perform a range of system administration operations including: quotactl(2), mount(2), umount(2), swapon(2), swapoff(2), sethostname(2), and setdomainname(2)

There are a whole series of other "Linux Capabilities", including a verbose description of CAP_SYS_ADMIN which can be found in the man pages:

$ man 7 capabilities

Which of these capabilities are Docker defaults, and which can be added/dropped can be found here, under "Runtime privilege and Linux capabilities":
https://docs.docker.com/engine/reference/run/

share|improve this answer

edited May 28 at 5:39

answered May 28 at 1:59

MorganMorgan

1613

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f968121%2fcan-not-delete-btrfs-subvolume-inside-docker%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

1

It appears this behavior is due to a Docker configuration setting.

I was able to get this to work by adding the "Linux Capability" CAP_SYS_ADMIN at Docker runtime.

docker run -d -t --cap-add SYS_ADMIN -v /mnt.btrfs:/mnt.btrfs debbtrfs

CAP_SYS_ADMIN

Perform a range of system administration operations including: quotactl(2), mount(2), umount(2), swapon(2), swapoff(2), sethostname(2), and setdomainname(2)

There are a whole series of other "Linux Capabilities", including a verbose description of CAP_SYS_ADMIN which can be found in the man pages:

$ man 7 capabilities

Which of these capabilities are Docker defaults, and which can be added/dropped can be found here, under "Runtime privilege and Linux capabilities":
https://docs.docker.com/engine/reference/run/

share|improve this answer

edited May 28 at 5:39

answered May 28 at 1:59

MorganMorgan

1613

add a comment | 

1

It appears this behavior is due to a Docker configuration setting.

I was able to get this to work by adding the "Linux Capability" CAP_SYS_ADMIN at Docker runtime.

docker run -d -t --cap-add SYS_ADMIN -v /mnt.btrfs:/mnt.btrfs debbtrfs

CAP_SYS_ADMIN

Perform a range of system administration operations including: quotactl(2), mount(2), umount(2), swapon(2), swapoff(2), sethostname(2), and setdomainname(2)

There are a whole series of other "Linux Capabilities", including a verbose description of CAP_SYS_ADMIN which can be found in the man pages:

$ man 7 capabilities

Which of these capabilities are Docker defaults, and which can be added/dropped can be found here, under "Runtime privilege and Linux capabilities":
https://docs.docker.com/engine/reference/run/

share|improve this answer

edited May 28 at 5:39

answered May 28 at 1:59

MorganMorgan

1613

add a comment | 

It appears this behavior is due to a Docker configuration setting.

I was able to get this to work by adding the "Linux Capability" CAP_SYS_ADMIN at Docker runtime.

docker run -d -t --cap-add SYS_ADMIN -v /mnt.btrfs:/mnt.btrfs debbtrfs

CAP_SYS_ADMIN

Perform a range of system administration operations including: quotactl(2), mount(2), umount(2), swapon(2), swapoff(2), sethostname(2), and setdomainname(2)

There are a whole series of other "Linux Capabilities", including a verbose description of CAP_SYS_ADMIN which can be found in the man pages:

$ man 7 capabilities

Which of these capabilities are Docker defaults, and which can be added/dropped can be found here, under "Runtime privilege and Linux capabilities":
https://docs.docker.com/engine/reference/run/

share|improve this answer

edited May 28 at 5:39

answered May 28 at 1:59

MorganMorgan

1613

share|improve this answer

edited May 28 at 5:39

answered May 28 at 1:59

MorganMorgan

1613

answered May 28 at 1:59

MorganMorgan

1613

answered May 28 at 1:59

MorganMorgan

1613