Debugging Empty Bind Mount

davmillarax · August 14, 2025, 4:23pm

Howdy,

I’m trying to troubleshoot empty bind mounts when running containers on a new host VM using AlmaLinux 9. We’re using a script to run the container and it uses the following command:

docker run -it \
		-v `pwd`/source/app:/hostonly/foo/bar \
		--name ${APP_NAME}_cpan \
		--rm \
		${IMG_APP} \
			/bin/bash ;

The guest container has the folder created but it’s empty. I have tried the following but experienced no changes:

Gave the host folder very loose permissions and made sure it had the expected owner and group.
Added the :z flag, no change, and then the :Z flag, again no change.
Tried disabling SE Linux temporarily, but when attempting to do so, saw that it was not running in the first place.

I also tried using the longer syntax to mount the folder but it did not change the outcome.

pwd is giving the expected path and using docker inspect on the container when running shows that the mount is using the expected path as well, and the expected path is within my home folder.

Docker reports that it’s the following version:
Docker version 28.3.3, build 980b856

It’s also not working on my teammate’s VM/server, but it worked on our previous Fedora and Amazon Linux VMs/servers, and other apps in our ecosystem using the same pattern exhibit the same problem, so I suspect the problem is with our new systems’ configurations or Docker setup.

Can anyone suggest next steps to try to debug this? I’d appreciate it!

bluepuma77 · August 14, 2025, 5:35pm

What shell are you using, did you try

davmillarax · August 14, 2025, 6:02pm

I’m using Bash on the host and the command is being run in a Makefile, e.g. make cpan:

cpan:
	@docker build \
		${DOCKER_BUILD_PREFIX} \
		-f source/app/Dockerfile \
		--build-arg GID=${GID} \
		--build-arg UID=${UID} \
		-t ${IMG_APP} \
		. ;
	@docker run -it \
		-v `pwd`/source/app:/hostonly/foo/bar \
		--name ${APP_NAME}_cpan \
		--rm \
		${IMG_APP} \
			/bin/bash ;
	@rm -rf source/app/.cpanm

Reviewing the docker inspect output from my original tries shows that the binding is using the correct path, it just appears to be empty inside the container and definitely has contents outside.

I just tried your suggestion, but the docker inspect output shows that the host directory is wrong as a result of not getting any output from pwd with that syntax. Trying it with $(shell pwd) gives me the expected path but the folder is still empty.

rimelek · August 15, 2025, 8:03pm

How did you install Docker? Sharing the platform almost answers it, but only almost. Direct links to the followed guide can be useful.
The following commands can give us some idea and recognize incorrectly installed Docker:
```
docker info
docker version
```
Review the output before sharing and remove confidential data if any appears (public IP for example)

For debugging, you could create a file in the container with a special name like “veryuniquefilename.txt” and run the following command on the host:

find / -name veryuniquefilename.txt

If the file is not on a mounted folder, it will most likely be under the Docker data root on a container filesystem. A bind mount just makes a folder available at another location but with a correct bind mount, there could be no difference from the container’s point of view.

davmillarax · August 18, 2025, 4:54pm

I used this article as a reference: Install Docker on AlmaLinux Easily

These are the actual commands I landed on and that my teammate used:

sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo dnf remove podman buildah
sudo dnf install docker-ce docker-ce-cli containerd.io

sudo systemctl start docker.service
sudo systemctl enable docker.service

sudo usermod -aG docker $USER && newgrp docker

Docker info:

Client: Docker Engine - Community
 Version:    28.3.3
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.26.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.39.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 1
  Running: 1
  Paused: 0
  Stopped: 0
 Images: 6
 Server Version: 28.3.3
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 CDI spec directories:
  /etc/cdi
  /var/run/cdi
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 05044ec0a9a75232cad458027ca83437aae3f4da
 runc version: v1.2.5-0-g59923ef
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.14.0-570.33.2.el9_6.x86_64
 Operating System: AlmaLinux 9.6 (Sage Margay)
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 23.21GiB
 Name: <redacted>
 ID: 43fc93e2-2f2a-4063-ad64-6149e1b1258e
 Docker Root Dir: /home/docker-storage
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  ::1/128
  127.0.0.0/8
 Live Restore Enabled: false

Docker version:

Client: Docker Engine - Community
 Version:           28.3.3
 API version:       1.51
 Go version:        go1.24.5
 Git commit:        980b856
 Built:             Fri Jul 25 11:37:02 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          28.3.3
  API version:      1.51 (minimum version 1.24)
  Go version:       go1.24.5
  Git commit:       bea959c
  Built:            Fri Jul 25 11:33:59 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.27
  GitCommit:        05044ec0a9a75232cad458027ca83437aae3f4da
 runc:
  Version:          1.2.5
  GitCommit:        v1.2.5-0-g59923ef
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

If I remove the mount that’s not working as expected and add a new one that doesn’t already exist in the built container, I can cd into it and create files that persist outside of the container after exiting. So it seems that our current setup doesn’t like the idea of mapping a bind mount on top of an existing directory, although that seemed to work for us before.

I haven’t looked into all the places where we use this pattern, but I think in at least one of them we could remove the folder from the initial build so that it’s clear for the bind mount. But I’m not sure that will work for us in all cases.

rimelek · August 19, 2025, 2:14pm

I could not understand your description after the shared docker info output. I couldn’t follow what worked and what didn’t. Maybe if you can share commands or bullet lists to describe step by step what you did and what the result was.

but I would still try this:

rimelek:

For debugging, you could create a file in the container with a special name like “veryuniquefilename.txt” and run the following command on the host:
find / -name veryuniquefilename.txt
If the file is not on a mounted folder, it will most likely be under the Docker data root on a container filesystem.

davmillarax · August 19, 2025, 3:08pm

I tried (essentially) what you suggested:

Created a folder at (project root)/banana on the host.
Ran the container with a mount to the banana folder.
Inside the container, verified the banana folder was there, created two text files in the banana folder.
Ran the find command on the host and it was in the bound folder ((project root)/banana) as expected.

The problem is since the container has (project root) already, I can’t do a bind mount on (project root) directly, I can only do a binding on the banana folder since that’s not already populated in the container.

rimelek · August 20, 2025, 5:27pm

So the files were found on the host (outside containers) in the mount source, but nowhere else?
That shouldn’t happen unless the the daemon is running in a virtual machine or a remote machine, which I don’t see in your outputs.

I would check the docker daemon logs or any other system logs that indicates failing mounts, but I don’t see how a container can start when a specified folder is not mounted.

Can you reproduce this without a makefile, just directly running the docker commands? I assume you already tried that at least in your last test, I just want to be sure and sorry if I missed that in your messages.

I can imagine any security software blocking some system calls or commands on AlmaLinux, but I don’t remember mount issues without error messages and already started containers on other RHEL distributions either.

I would also point out that AlmaLinux is not officially supported even if it is “binary compatible with RHEL”, which only means if there is any kind of incompatibility with anything, even the exact versions of the libraries, it was probably never tested.

davmillarax · August 20, 2025, 7:28pm

I was able to debug and find that the expected dockerd process wasn’t the one being used due to a script switching to the minikube docker context when it wasn’t expected, and fixing that and making sure our script wrapper switched back to the host VM’s docker context fixed the issue. Thanks for your debugging suggestions..

system · September 19, 2025, 7:28pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Bind mount not working General	12	12781	February 17, 2025
Error trying mount a folder into docker container General docker	1	1073	March 14, 2019
Bind mount files from container not showing to host General	2	3149	January 23, 2024
Bind mounts working in Docker Desktop, but producing empty directories in the Docker CLI Docker Desktop docker , docker-compose , linux	0	574	February 6, 2024
Files on host system not seen in bind mount General	8	12568	January 4, 2024

Debugging Empty Bind Mount

Related topics