Backing up unprivileged Podman volume mounts with restic and `podman unshare`?

So there’s a modern Docker alternative called Podman that makes it very easy to run unprivileged containers without the need of a central daemon.
Everything is nice but when I’m using volumes, the files naturally might have permissions that the user that runs the container might not have direct access to these files because the container might use different users, groups and permissions within.
And this doesn’t make it easy to backup unless you’d use root access or mess with the permissions.

However, Podman supports easy access via podman unshare.
This means that if you wouldn’t be able list files in a directory with ls you still would be able to list them with podman unshare ls (or cat file vs podman unshare cat file).

Now I’m curious whether there’s any possibility to use that for creating and restoring backups with restic without having to use root access.

Or do you maybe have any other proposal?

PS: I also asked on Reddit but I guess the likelihood of getting an answer is higher here in the forum :grimacing:

I would just try it out, podman unshare restic backup ...
You should run restic inside of a modified user namespace in that case and have the right permissions to access the required files.

If there are files unaccessible, you should get a warning.

If you can leverage root on the host, you could try podman mount as well.

Also, there are docs for non root setups, but not specifically for podman.

1 Like

Thank you so much.
I wasn’t aware that the outside binaries would be available here!
This should work then.

Thank you so much!

1 Like