FUSE inside Docker

Cydonia7 picture Cydonia7 · Jan 23, 2018 · Viewed 24.9k times · Source

I'm trying to install and use FUSE inside a Docker container. My Dockerfile is the following:

FROM golang:1.8

WORKDIR /go/src/app
COPY . .

RUN apt-get update && apt-get install -y fuse && rm -rf /var/lib/apt/lists/*
RUN go-wrapper download
RUN go-wrapper install

CMD ["go-wrapper", "run", "/mnt"]

When I run the program mounting FUSE, I get: /bin/fusermount: fuse device not found, try 'modprobe fuse' first.

If I install kmod and run modprobe fuse during the build step, I get the error:

modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.104-boot2docker/modules.dep.bin'

How can I fix this?

Answer

Gery Vessere picture Gery Vessere · Feb 28, 2018

With respect to Nickolay's answer below, the --privileged flag is not strictly required, for fuse. And you're best to avoid giving that much privilege to your container.

You should be able to get things working by replacing it with --cap-add SYS_ADMIN like below.

docker run -d --rm \
           --device /dev/fuse \
           --cap-add SYS_ADMIN \
      <image_id/name>

Sometimes this may not work. In this case, you should try and tweak the AppArmor profile or just disable it as follows:

docker run -d --rm \
           --device /dev/fuse \
           --cap-add SYS_ADMIN \
           --security-opt apparmor:unconfined \
      <image_id/name>

Finally, if all fails, use --privileged flag.