[ws-daemon] mknod /dev/fuse as S_IFCHR to consider major:minor by fntlnz · Pull Request #4594 · gitpod-io/gitpod
The permission issue now seems to be related to mount_capable
from fs/super.c
bool mount_capable(struct fs_context *fc)
{
if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT))
return capable(CAP_SYS_ADMIN);
else
return ns_capable(fc->user_ns, CAP_SYS_ADMIN);
}
However, it looks like the fuse filesystem on kenrnel 5.4.0-1033 and 5.4.0-1030 is
static struct file_system_type fuse_fs_type = {
.owner = THIS_MODULE,
.name = "fuse",
.fs_flags = FS_HAS_SUBTYPE | FS_USERNS_MOUNT,
.init_fs_context = fuse_init_fs_context,
.parameters = &fuse_fs_parameters,
.kill_sb = fuse_kill_sb_anon,
};
It's done in that way because we use user namespaces.
So still investigating.