User space (non-root) mounting of (preferably) samba shares with certificate (X509) based auth

Dear all,

I need help / advice to solve the following issue.

The goal:
would be to have a batch scheduler system where user jobs are executed in docker containers and are able to mount (samba) shares in user space with preferably paswordless auth/Z and with no too much parametrisation of docker.

Cyrrent status

  • We have a job scheduler system where user jobs are running in Docker containers.
  • User jobs want to mount and have rw access to shared file system (we have an existing samba server exporting directories)
  • The Docker containers are run/executed by the job scheduler system, so we have no influence on the parametrization of docker run or docker start, we cannot add --device or --volume like switches.
  • As such the user jobs need to mount shares in user space.
  • I’ve tried gvfs to mount samba shares in user space but it doesn’t seem to work in a docker container - however it works perfectly on the host OS.

Questions:

  • Does gvfs supposed to work in Docker containers (without adding extra parameters to docker run / start).
  • Even if it works the user jobs would have to ship login and password credentials with the job to be able to mount the samba shares with gvfs which is far from ideal. Do you see any other solution here ? For example X509 certificate based auth for samba shares in user space ? If yes, can you please send some pointer ?

Thanks a lot in advance,
Gergely

.