I want to set custom directory to store containers’ data created with Podman, how can I change the directory’s file type (along with its contents) to context type used by Podman?. On systems running SELinux, all processes and files are labeled in a way that represents security-relevant information. If you try create a container with data stored in a directory other than /var/lib/containers you will get permission denied.

I’ll demonstrate this on a CentOS 8 server. Let’s put SELinux in Enforcing mode.

$ sudo setenforce 1
$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      31

Install Container tools which provides podman.

sudo dnf module install container-tools

Let’s confirm podman is working as we would expect by running helloworld container.

$ podman run --rm hello-world

Trying to pull docker.io/library/hello-world...
Getting image source signatures
Copying blob 0e03bdcc26d7 done
Copying config bf756fb1ae done
Writing manifest to image destination
Storing signatures

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:

For more examples and ideas, visit:

Confirm current root directory setting for the containers.

$ podman info | grep -i root
  rootless: false
  GraphRoot: /var/lib/containers/storage
  RunRoot: /var/run/containers/storage

Let’s create custom directory for storing the data.

sudo mkdir -p /data/containers

Update the setting and change the directory to one created above.

$ sudo vi /etc/containers/storage.conf
# Primary Read/Write location of container storage
#graphroot = "/var/lib/containers/storage"
graphroot = "/data/containers"

Try run a container.

# podman run --rm -it  ubuntu bash
Getting image source signatures
Copying blob 0f3630e5ff08 done
Copying blob d72e567cc804 done
Copying blob b6a83d81d1f4 done
Copying config 9140108b62 done
Writing manifest to image destination
Storing signatures
bash: error while loading shared libraries: libc.so.6: cannot change memory protections

From the output I got the error message:

bash: error while loading shared libraries: libc.so.6: cannot change memory protections

Let us set correct SELinux Labels for the directory /data/containers then retry.

sudo semanage fcontext -a -e /var/lib/containers /data/containers
sudo restorecon -R -vv /data/containers

If semanage command is not found install with the commands below.

sudo yum install policycoreutils-python-utils -y

Confirm SELinux context type.

$ ls -dZ /data/containers/
unconfined_u:object_r:container_var_lib_t:s0 /data/containers/

Confirm if type has been set to container_var_lib_t.

Rerun the container:

# podman run --rm -it  ubuntu bash
[email protected]:/# cat /etc/os-release
VERSION="20.04.1 LTS (Focal Fossa)"
PRETTY_NAME="Ubuntu 20.04.1 LTS"
[email protected]:/# exit

The container was started successfully.

More articles on Podman:

Expose OpenShift Internal Registry Externally and Login With Docker/Podman CLI

Run Podman on Windows 10 | Windows Server 2019 with WSL2

How to run Docker/Podman Containers as Systemd Service

Your support is our everlasting motivation,
that cup of coffee is what keeps us going!

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.


Please enter your comment!
Please enter your name here