Understanding user file ownership in docker: how to avoid changing permissions of linked volumes

by

Two options I’ve found:

CHOWN all the things (after doing your work)

I’ve done docker run -v `pwd`/shared:/shared image, and the container has created files within pwd/shared that are how owned by the docker process. However, /shared is still owned by me. So within the docker process, I do

chown -R `stat -c "%u:%g" /shared` /shared

stat -c "%u:%g" /shared returns 1000:1000 in my case, being the uid:gid of my user. Even though there is no user 1000 within the docker conatainer, the id is there (and stat /shared just says “unknown” if you ask for the username).

Anyway, chown obediently transfers ownership of the contents of /shared to 1000:1000 (which, as far as it is concerned, doesn’t exist, but outside the container, it’s me). So I now own all the files. The container can still modify things if it wants to, because from its perspective, it’s root.

And all is well with the world.

docker run -u so all files created will automatically have the right owner

Another way to do this is the -u flag on docker run.

docker run -v `pwd`/shared:/shared -u `stat -c "%u:%g" /shared` ubuntu bash

This way, the docker user inside the container is youruid:yourgid.

However: this means giving up your root authority within the container (apt-get install, etc.). Unless you create a user with that new uid and add it to the root group.

More Related Contents:

  1. How to change permissions for a folder and its subfolders/files in one step
  2. Can you run GUI applications in a Linux Docker container?
  3. How do I use sudo to redirect output to a location I don’t have permission to write to? [closed]
  4. Can Windows containers be hosted on Linux?
  5. Cannot connect to the Docker daemon at unix:/var/run/docker.sock. Is the docker daemon running?
  6. Exploring Docker container’s file system
  7. Docker can’t connect to docker daemon
  8. What is the runtime performance cost of a Docker container?
  9. How to use local docker images with Minikube?
  10. How can I get Docker Linux container information from within the container itself?
  11. Forward host port to docker container
  12. How do I change permissions for a folder and its subfolders/files?
  13. how to create docker overlay network between multi hosts?
  14. What does localhost means inside a Docker container?
  15. docker.sock permission denied
  16. How to determine if a process runs inside lxc/Docker?
  17. Mount SMB/CIFS share within a Docker container
  18. How to copy files from dockerfile to host?
  19. Redirecting command output in docker
  20. Docker Alpine executable binary not found even if in PATH
  21. Chmod 777 to a folder and all contents [duplicate]
  22. Permissions Issue with Laravel on CentOS
  23. Docker in Docker cannot mount volume
  24. Docker command can’t connect to Docker daemon
  25. How to run Nginx within a Docker container without halting?
  26. How can I forward localhost port on my container to localhost on my host?
  27. understanding and decoding the file mode value from stat function output
  28. docker-compose up and user inputs on stdin
  29. What is the purpose of the “-i” and “-t” options for the “docker exec” command?
  30. A general linux file permissions question: Apache and WordPress

Leave a Comment