[GH-ISSUE #1609] S3FS in Dockerfile without privileged flag #844

New issue

Open

opened 2026-03-04 01:49:18 +03:00 by kerem · 1 comment

kerem commented

2026-03-04 01:49:18 +03:00

Owner

Originally created by @raffOps on GitHub (Mar 24, 2021).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1609

Version of s3fs being used (s3fs --version)

1.80

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)

Package: fuse
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 136
Maintainer: Laszlo Boszormenyi (GCS) gcs@debian.org
Architecture: amd64
Version: 2.9.7-1+deb9u2
Depends: libc6 (>= 2.14), libfuse2 (= 2.9.7-1+deb9u2), adduser, mount (>= 2.19.1), sed (>= 4)
Conffiles:
/etc/fuse.conf 298587592c8444196833f317def414f2
Description: Filesystem in Userspace
Filesystem in Userspace (FUSE) is a simple interface for userspace programs to
export a virtual filesystem to the Linux kernel. It also aims to provide a
secure method for non privileged users to create and mount their own filesystem
implementations.
Homepage: https://github.com/libfuse/libfuse/wiki

Kernel information (uname -r)

5.4.0-58-generic

GNU/Linux Distribution, if applicable (cat /etc/os-release)

PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
NAME="Debian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
VERSION_CODENAME=stretch
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

Details about issue

I have the following dockerfile:

FROM debian:stretch

RUN echo "xxxxx:xxxxx" > $HOME/.passwd-s3fs
RUN chmod 600 $HOME/.passwd-s3fs
RUN apt-get update
RUN apt-get install s3fs -y
RUN echo "user_allow_other" >> /etc/fuse.conf
RUN mkdir -p $HOME/bkp
RUN chmod 777 $HOME/bkp
RUN echo '#!/bin/bash\ns3fs xxxxx $HOME/bkp -o allow_other,use_cache=/tmp\n$CMD "$@"' > /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["./entrypoint.sh"]

I wanna execute without --priviliged flag, but the options allow_other isnt working. The error message is fuse: device not found, try 'modprobe fuse' first. When a run the container with --privileged, the error not happen

i will use this image in a container pod. I try run this container with privileged flag, but the same error fuse: device not found, try 'modprobe fuse' first exists.

The .yaml

apiVersion: v1
kind: Pod
metadata:
  name: s3fs
spec:
  containers:
  - name: s3fs
    image: s3fs
    imagePullPolicy: IfNotPresent
    securityContext:
      privileged: true

Originally created by @raffOps on GitHub (Mar 24, 2021). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1609 #### Version of s3fs being used (s3fs --version) 1.80 #### Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) Package: fuse Status: install ok installed Priority: optional Section: utils Installed-Size: 136 Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Architecture: amd64 Version: 2.9.7-1+deb9u2 Depends: libc6 (>= 2.14), libfuse2 (= 2.9.7-1+deb9u2), adduser, mount (>= 2.19.1), sed (>= 4) Conffiles: /etc/fuse.conf 298587592c8444196833f317def414f2 Description: Filesystem in Userspace Filesystem in Userspace (FUSE) is a simple interface for userspace programs to export a virtual filesystem to the Linux kernel. It also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations. Homepage: https://github.com/libfuse/libfuse/wiki #### Kernel information (uname -r) 5.4.0-58-generic #### GNU/Linux Distribution, if applicable (cat /etc/os-release) PRETTY_NAME="Debian GNU/Linux 9 (stretch)" NAME="Debian GNU/Linux" VERSION_ID="9" VERSION="9 (stretch)" VERSION_CODENAME=stretch ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/" ### Details about issue I have the following dockerfile: ``` FROM debian:stretch RUN echo "xxxxx:xxxxx" > $HOME/.passwd-s3fs RUN chmod 600 $HOME/.passwd-s3fs RUN apt-get update RUN apt-get install s3fs -y RUN echo "user_allow_other" >> /etc/fuse.conf RUN mkdir -p $HOME/bkp RUN chmod 777 $HOME/bkp RUN echo '#!/bin/bash\ns3fs xxxxx $HOME/bkp -o allow_other,use_cache=/tmp\n$CMD "$@"' > /entrypoint.sh RUN chmod +x /entrypoint.sh ENTRYPOINT ["./entrypoint.sh"] ``` I wanna execute without --priviliged flag, but the options allow_other isnt working. The error message is ```fuse: device not found, try 'modprobe fuse' first```. When a run the container with --privileged, the error not happen i will use this image in a container pod. I try run this container with privileged flag, but the same error ```fuse: device not found, try 'modprobe fuse' first``` exists. The .yaml ``` apiVersion: v1 kind: Pod metadata: name: s3fs spec: containers: - name: s3fs image: s3fs imagePullPolicy: IfNotPresent securityContext: privileged: true ```

kerem commented

2026-03-04 01:49:18 +03:00

Author

Owner

@fly3366 commented on GitHub (May 10, 2021):

Try Fuse device plugin for container.

@fly3366 commented on GitHub (May 10, 2021): Try Fuse device plugin for container.