I\'m trying to install and use FUSE inside a Docker container. My Dockerfile is the following:
FROM golang:1.8
WORKDIR /go/src/app
COPY . .
RUN apt-get update
With respect to Nickolay's answer below, the --privileged
flag is not strictly required, for fuse. And you're best to avoid giving that much privilege to your container.
You should be able to get things working by replacing it with --cap-add SYS_ADMIN
like below.
docker run -d --rm \
--device /dev/fuse \
--cap-add SYS_ADMIN \
<image_id/name>
Sometimes this may not work. In this case, you should try and tweak the AppArmor profile or just disable it as follows:
docker run -d --rm \
--device /dev/fuse \
--cap-add SYS_ADMIN \
--security-opt apparmor:unconfined \
<image_id/name>
Finally, if all fails, use --privileged flag.
Just as a workaround you can do the modprobe fuse
on your host, then using --device /dev/fuse
to get the device in the container. Anyway container should be started in privileged mode to mount things with the /dev/fuse
.
The command to run the docker image is:
docker run -d --rm --device /dev/fuse --privileged <image_id/name>
you need to run the container as privileged, alternatively, add SYS_ADMIN
specifically.