snippet from lsblk

NAME        MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1     259:0    0   1.7T  0 disk
├─nvme0n1p1 259:2    0   256M  0 part
│ └─md0       9:0    0 255.9M  0 raid1 /boot/efi

I noticed today that one file in my Nix store was off. It is a YAML config file for frigate. I mounted the config file into an oci-container (using Docker, not Podman) using the following snippet:

virtualisation.oci-containers.containers."frigate".volumes = [ "${configFile}:/config/config.yml" ];

When comparing the contents of this store file with the store file I built locally it has version: 0.14 at the end of it. I assume this was added by Frigate.

I created a root shell in this container, installed a text editor but was unable to edit the file in anyway, as I would expect, so I am wondering if I am missing something here

I ran these inside of the container:

# ls -la /config/config.yml
-r--r--r-- 2 root root 2250 Sep 30 20:48 /config/config.yml
# chmod 644 /config/config.yml
chmod: changing permissions of '/config/config.yml': Read-only file system

In reply to @adam:robins.wtf
Raid zero for efi? I hope you mean one, because what in the world….

In reply to @adam:robins.wtf
Raid zero for efi? I hope you mean one, because what in the world….

In reply to @scrumplex:duckhub.io

I ran these inside of the container:

# ls -la /config/config.yml
-r--r--r-- 2 root root 2250 Sep 30 20:48 /config/config.yml
# chmod 644 /config/config.yml
chmod: changing permissions of '/config/config.yml': Read-only file system

In reply to @steveej0:matrix.org
this seems expected if the mount source ${configFile} is a storepath

I have recently changed it to be read only (with Docker/Podman you just add :ro to the mapping, i.e. ${configFile}:/config/config.yml -> ${configFile}:/config/config.yml:ro)

This might have fixed the issue