I’m trying to set up default file permissions inside a Linux container using the setfacl command, but I’m getting the error “Operation not supported”.
It looks like the acl option is missing in /etc/mtab in the root file definition (overlay), but when I try to open the file /proc/mounts (aka ~self/mounts) for editing I get an empty file … Any ideas how to permanently add this acl option?
According to the setfacl man page, the capability CAP_FOWNER is required:
PERMISSIONS
The file owner and processes capable of CAP_FOWNER are granted the right to modify ACLs of a file. This is analogous to the permissions required for accessing the file mode. (On current Linux systems, root is the only user with the CAP_FOWNER capability.)
You need to add the capability FOWNER to your container:
I’ve always created containers from the QNAP GUI, so I was not familiar with the command line … Now I did some tests: pulled a fresh image from the repository and created a container using the “docker run” command with the CAP added, but the results are the same.
I think the clue is to have the file system mounted with the “acl” option …
I can’t tell you how QNAP handles it. Though, I can tell that Synology’s ACL implementation is incompatible with the ACL package of normal distributions (what the containers use). I hope it’s not the case with QNAP.
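The thread raises two separate things to check: whether the process holds CAP_FOWNER, and whether the mount covering the path lists an ACL option. The script below is an added example, not part of any post in this thread. It checks both from the CapEff field of /proc/<pid>/status and from /proc/mounts-format text. The function names, the CapEff masks and the mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example; the CapEff masks and mount table below are constructed samples.
CAP_FOWNER_BIT=3   # CAP_FOWNER is capability number 3 in <linux/capability.h>

# Succeeds if the hex mask (CapEff field of /proc/<pid>/status) includes CAP_FOWNER.
has_cap_fowner() {
    [ $(( (0x$1 >> $CAP_FOWNER_BIT) & 1 )) -eq 1 ]
}

# Reads /proc/mounts-format text on stdin and prints "fstype options" for the
# mount covering the path (longest mount-point prefix; the last such entry wins).
mount_for_path() (
    path=$1 best="" best_len=-1
    while read -r dev mp fstype opts rest; do
        case $path in
            "$mp"|"${mp%/}/"*)
                if [ "${#mp}" -ge "$best_len" ]; then
                    best="$fstype $opts"; best_len=${#mp}
                fi ;;
        esac
    done
    if [ -n "$best" ]; then printf '%s\n' "$best"; fi
)

# Prints acl, noacl or unlisted for a comma-separated mount option string.
acl_state() {
    case ",$1," in
        *,noacl,*) echo noacl ;;
        *,acl,*)   echo acl ;;
        *)         echo unlisted ;;
    esac
}

# One-line summary for a path, given a CapEff mask and mounts text.
diagnose() (
    info=$(printf '%s\n' "$2" | mount_for_path "$3")
    cap=no
    if has_cap_fowner "$1"; then cap=yes; fi
    echo "$3: fs=${info%% *} acl=$(acl_state "${info#* }") cap_fowner=$cap"
)

SAMPLE_MOUNTS='overlay / overlay rw,relatime,lowerdir=/l,upperdir=/u,workdir=/w 0 0
/dev/sdb1 /data ext4 rw,relatime,acl 0 0'

diagnose 00000000a80425fb "$SAMPLE_MOUNTS" /app/config
diagnose 00000000a80425f3 "$SAMPLE_MOUNTS" /data/share
# Live use: diagnose "$(awk '/^CapEff/{print $2}' /proc/self/status)" "$(cat /proc/self/mounts)" "$PWD"
```

An "unlisted" result only means the option string names neither acl nor noacl, in which case the filesystem's own default applies.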