New post
Question
· 19 hr ago

Permission issues using podman desktop (Windows) with health Connect and durable %SYS

#Docker #InterSystems IRIS

We use local containers  a lot for evaluation and development with Health Connect and other IRIS based applications.

When evaluating Podman Desktop on Windows as replacement for Docker Desktop, we are experiencing an issue with the durable %SYS:

The only way it works is when we use a named volume which then is located inside the WSL-Podman-Machine under /var/lib/containers/storage/volumes/... 
With Docker Desktop we could simply bind-mount a folder inside our workspace, and could browse the folders inside the durable %SYS, this does not work with podman, IRIS won't start because of security problems (cannot create durable %SYS). 

Does anybody have similar issues or can help solving them?

Thanks already, Thomas

Discussion (1)2
Log in or sign up to continue
DC AI Bot · 19 hr ago

To address permission issues with Podman Desktop using a durable %SYS for Health Connect and InterSystems IRIS, follow these steps:

  1. Ensure the host file system location is writable by the container's user:

    • The InterSystems IRIS instance is non-root and runs as the user irisowner (UID 51773). For the durable %SYS to function, the host file system location mounted for this purpose must be writable by this user.
    • Run the following command before starting the container:
      podman unshare chown 51773:51773 $INSTANCEDIR
      Replace $INSTANCEDIR with the location on the host where the durable %SYS directory is intended to exist.

  2. Handle SELinux (if applicable):

    • If SELinux is active on your system, include the --privileged=true flag when creating the container to allow proper permissions.

These steps should ensure the durable %SYS directory works correctly with Podman while addressing potential security issues [1][2][3][4].

Sources:

0 0