Thanks for your patience. Currently only non-unicode passwords are supported. This is in the troubleshooting doc and we’re looking at ways to improve: https://beta.docker.com/docs/windows/troubleshoot/#host-filesystem-sharing
Michael
Thanks, Michael,
while some have solved the issue by changing the password, there are others like me who do not have a unicode password, or space in it. There must be some other settings that cause trouble; see my step-by-step case that is reproducible with the latest beta.
Language? I have a German Windows 10. Special HyperV settings (I used anything default). Use of kitematic? I also tested in a pure console setting.
Dieter
Dieter, a couple of thoughts…
-
why don’t you get inside MobyLinuxVM and check file access from there? With the mount command you should have mount points //10.0.75.2/x (assuming 10.0.75.2 to be the IpAddr of MobyLinuxVM and x=for each mapped drive appears at least twice in the mount list Linux being a case sensitive system…). Check that the user and domain matches what you have specified in the system tray applet.
-
Check that you have the proper credentials setup under Credentials Manager->Windows Credentials->Dockerhost Filesystem Access
3)Avoid sharing folders under the c:/Users tree. What you will have visible from the container is what is visible to the credentials supplied. And teh Users tree have special security settings to isolate the different users.
It also took me several hours to get through this…
Thanks for you comments. I do not have access to the machine to test your ideas, with the exception of one point I remember:
- Avoid sharing C:/Users tree
When I use Kitematic to map the volume, it says that I must use c:Users. Same as in VirtualBox, but this is definitively running on HyperV
Dieter
I found another problem, namely that “File and printer sharing” may be turned off. That causes volume mounting to silently fail for me.
It can be enabled in the GUI or with:
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
2 Likes
Thanks, interesting point, but I checked: this was correctly set on my system.
Changed my password (ASCII, but with digits, no special characters) to very simple one, and did a reset.
Did what you suggested. Made sure that it returns:
nsfs on /run/docker/netns/0092889bbf49 type nsfs (rw)
and otherwise everything what @rneugeba got as a response
Tried
docker run --rm -v c:/:/data alpine ls -R /data/
/data/:
Tried:
docker run -d -v c:/tmp/Gastrobase:/home/shiny/Gastrobase --name=gastro-docker dmenne/gastro-docker
which runs Ok under VM/Windows 7 on another computer. All network/shiny functions relying on file in the container run Ok. No sharing.
Returns on inspect:
"Mounts": [
{
"Source": "/c/tmp/Gastrobase",
"Destination": "/home/shiny/Gastrobase",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
But nothing is there: From bash in the above
> root@04da158c6350:/# ls home/shiny/Gastrobase
(nothing)Tested with Beta 13 (but probably no change compared to 12, I just wanted to create a simplified example to illustrate topic 33 in this thread. Printer sharing on, ASCII password, C is mapped.
Unmodified transcript after a restart of Docker. A directory C:\tmp exists and has files in it. Note that the third command is the same as the first, but returns something different.
>docker run --rm -v c:/:/data alpine ls -R /data/
/data/:
>docker run --rm -v c:/tmp:/data alpine ls -R /data/
/data/:
>docker run --rm -v c:/:/data alpine ls -R /data/
/data/:
tmp
/data/tmp:Thanks for your immense patience. Here’s another thing to try:
You can get almost root in the Linux VM like this (from here):
#get a privileged container with access to Docker daemon
docker run --privileged -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker alpine sh
#run a container with full root access to MobyLinuxVM and no seccomp profile (so you can mount stuff)
docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
#switch to host FS
chroot /host
… and then trying the mount manually:
mount -t cifs //10.0.75.1/C /C -o username=<username>,password=<password>,noperm
10.0.75.1 is the IP that the Linux guest can see your host at.
Sorry for the insistence… The forum software already complained that I talk too much ._)
docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
— I do not fully understand this command, so I could not correct it, but it gives an error:
docker: Error response from daemon: Unable to setup mount point, neither source nor volume defined.
I had already tried another version from Vietnam which partly worked:
docker run --privileged -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker alpine sh
And I am in some # bash
(I will try to modify it to your version)
Dieter,
After running:
-
docker run --privileged -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker alpine sh
and inside the created shell, you run the 2nd command: -
docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
and finally inside the shell created in 2), you run: -
chroot /host
followed by the mount command mentioned before by Michael.
Curious about the root of the problem…
Thanks, po, I had read and tried your other post on the subject, but in error thought that the second command had to be given NOT inside the created shell. Some progress here: c and C are there. To be sure: ping to 10.0.75.1 works.
docker run --privileged -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker alpine sh
/ # docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
/ # ls
bin dev etc home host lib linuxrc media mnt proc root run sbin sys tmp usr var
/ # chroot /host
/ # ls
C Mac c etc init linuxrc port root sbin tmp var
Database bin dev home lib media proc run sys usr
/ # ls c
/ # ls C
/ # mount -t cifs //10.0.75.1/C /C -o username=Dieter,password=mydearpass,noperm
mount error(115): Operation in progress
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
/ #Oh the dreaded 115 return code. Assuming that the root shares are operational and username=Dieter has access to those shares (pls confirm) here is my suggestion (Michael knows better…):
umount all the shares (/c /C /d /D)
cat /proc/fs/cifs/DebugData (post here pls)
echo 7 > /proc/fs/cifs/cifsFYI
mount -t cifs //10.0.75.1/c /c -o user=Dieter,password=yourpassws,domain=yourhostname
cat /proc/fs/cifs/DebugData (post here pls)
dmesg (last 20 lines or so…)
echo 0 > /proc/fs/cifs/cifsFYI just to undo previous
Last messages of dmesg will detail cifs errors…
Also interesting to confirm whether the c-drive is browsable using File Explorer on the host at \\10.0.75.1\c
I tried to follow along as I am having similar problems with mounts in Docker Beta windows. I got a different error after the final mount:
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
This was with a new user and a simple alpha-only password, and a restart, unshare, reshare. Trying to browse the c-drive gives me ‘Windows can’t find ‘\10.0.0.75.1\c’. Check the spelling and try again.’
In case somebody wants to try: It probably should be:
10.0.75.1/C
(or lowercase c)
Please correct me if I misunderstood.
Gives 404 on http://10.0.75.1:80/C.
C was shared. Same for unshared drives, e.g. D
Thanks for you patience. I hope by “unmount all the shares” you mean: Unshare all in Docker settings. If not, please correct me. As an alternative, I tried it within bash when C had been shared:
/ # umount c
umount: c: not mounted
/ # umount C
umount: C: not mounted
Password: the password is my only password on this computer. This is a development computer, I have all rights as administrator. No domain. When I enter the wrong password during sharing in Docker Settings, system complains.
Your requests:
>docker run --privileged -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker alpine sh
/ # docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
/ # ls
bin dev etc home host lib linuxrc media mnt proc root run sbin sys tmp usr var
/ # cat /proc/fs/cifs/DebugData
Display Internal CIFS Data Structures for Debugging
---------------------------------------------------
CIFS Version 2.08
Features: dfs fscache posix xattr
Active VFS Requests: 0
Servers:
/ # echo 7 > /proc/fs/cifs/cifsFYI
/ # mount -t cifs //10.0.75.1/c /c -o user=Dieter,password=mydearpassword,domain=yourhostname
mount: mounting //10.0.75.1/c on /c failed: No such file or directory
/ # cat /proc/fs/cifs/DebugData
Display Internal CIFS Data Structures for Debugging
---------------------------------------------------
CIFS Version 2.08
Features: dfs fscache posix xattr
Active VFS Requests: 0
Servers:
/ # dmesg
...
...
hv_balloon: Data Size is 8
random: nonblocking pool is initialized
nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead.
aufs au_opts_verify:1597:docker[1339]: dirperm1 breaks the protection by the permission bits on the lower branch
device veth33f503a entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): veth33f503a: link is not ready
docker0: port 1(veth33f503a) entered forwarding state
docker0: port 1(veth33f503a) entered forwarding state
docker0: port 1(veth33f503a) entered disabled state
IPVS: Creating netns size=1328 id=3
cgroup: docker-runc (3320) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
cgroup: "memory" requires setting use_hierarchy to 1 on the root
eth0: renamed from veth75807f3
IPv6: ADDRCONF(NETDEV_CHANGE): veth33f503a: link becomes ready
docker0: port 1(veth33f503a) entered forwarding state
docker0: port 1(veth33f503a) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): docker0: link becomes ready
docker0: port 1(veth33f503a) entered forwarding state
/ #Dieter, tough nut to crack. It looks like the sharing is not setup under windows. The culprit show up in:
mounting //10.0.75.1/c on /c failed: No such file or directory
-
ensure shares are available. On a Windows command prompt
C:\Users\po755>net share
Share name Resource RemarkC C:\ Caching disabled
D D:\ Caching disabled
E E:\ Caching disabled
The command completed successfully. -
ensure you have access to those shares under your Dieter userid. That is
net use \\<computername>\C
must work under your userid. And use the computername instead of domain name in the cifs mount command.
Thanks, Manuel.
>net share
Name Ressource Beschreibung
-------------------------------------------------------------------------------
....
C C:\ Zwischenspeicherung deaktiviert (Caching disabled)
D D:\ Zwischenspeicherung deaktiviert
E E:\ Zwischenspeicherung deaktiviert
...
Der Befehl wurde erfolgreich ausgeführt. (successfully)
... Name of computer is DieterPC ...
>net use \\DieterPC\C
Der Befehl wurde erfolgreich ausgeführt. (success)