Bind Mount Permissions

Hello,

I’ve been using Docker on Unraid and love it! I’m branching out and starting to run containers on Debian 12 VMs, but I’m running into issues with bind mounts.

This happens with all containers I try to run, so I’m sure I’m doing something wrong.

When I start a new container, should it automatically create the folders it needs when it starts up?

For example, here’s a simple compose script:

services:
  rundeck:
    container_name: rundeck
    ports:
      - 4440:4440
    volumes:
      - ./rundeck:/home/rundeck/server/data
    image: rundeck/rundeck:5.8.0

I’m running this from my home directory, so I have write permissions here.

When I start the container, it doesn’t have write permissions into ./rundeck. So the container stops because it can’t write into its data folder.

Am I supposed to create the folder with 777 permissions? Should I use “user: root:root” to run the container as root?

Or should I stick to volumes for my containers, rather than bind mounts?

Sorry if this is a beginner question! My Google-fu wasn’t finding an answer.

Tyler

Standard Docker CE on Linux with root will create the bind-mount folder on the host for you.

Docker on Unraid is not standard, so it depends on their custom setup. Have you asked in their forums?

Docker on Unraid works perfectly. My issue is with Docker CE on Debian 12.

If I run that compose script from my home dir the container fails to run.

When you bind a host path, the owner and permissions on the host filesystem path must match the process of the container, unless the image takes care of fixing ownership and/or permission. A container based on this image doesn’t fix it.

Either one of these approaches works:

  • use a named volume instead of a host path
  • create the folder and chmod 777 it: mkdir -p rundeck && chmod 777 rundeck
  • create the folder and chown 1000:0 it: mkdir -p rundeck && chown 1000:0 rundeck

I looked the uid and gid up from inside the container, as I couldn’t find it mentioned in the docs.
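
The ownership match described in the answer above can be checked on the host before starting the container. This is an added example, not part of the original posts: `bind_mount_access` is a hypothetical helper name, it assumes GNU `stat` as shipped with Debian 12, and it does not model supplementary groups, ACLs, uid 0 or user-namespace remapping.

```shell
#!/bin/sh
# Added example (not from the thread): which permission class, if any, lets a
# container process with the given uid:gid create files in a bind-mount source.
# Assumes GNU stat (Debian 12). Not modeled: supplementary groups, ACLs,
# uid 0, user-namespace remapping. bind_mount_access is a hypothetical name.

# bind_mount_access DIR UID GID -> prints owner | group | world | denied
bind_mount_access() {
    dir=$1; want_uid=$2; want_gid=$3
    # %u owner uid, %g owner gid, %a octal mode such as 755 or 1777
    st=$(stat -c '%u %g %a' "$dir") || return 2
    set -- $st
    own_uid=$1; own_gid=$2
    # Keep the last three octal digits (user, group, other), zero-padded
    perms=$(printf '%03d' "$(($3 % 1000))")
    u=${perms%??}; o=${perms#??}; g=${perms#?}; g=${g%?}

    # The kernel picks exactly one class: owner first, then group, then other.
    if [ "$want_uid" -eq "$own_uid" ]; then
        class=owner; bits=$u
    elif [ "$want_gid" -eq "$own_gid" ]; then
        class=group; bits=$g
    else
        class=world; bits=$o
    fi

    # Creating files in a directory needs both write (2) and search (1).
    if [ "$((bits & 3))" -eq 3 ]; then
        echo "$class"
    else
        echo denied
    fi
}

# Demo on a constructed directory; 1000:0 is the uid:gid reported in the thread.
demo=$(mktemp -d)
chmod 755 "$demo"
echo "mode 755, container 1000:0 -> $(bind_mount_access "$demo" 1000 0)"
chmod 777 "$demo"
echo "mode 777, container 1000:0 -> $(bind_mount_access "$demo" 1000 0)"
rmdir "$demo"
```

A `world` result means every local account on the host can write to the directory, which is what `chmod 777` grants; `owner` or `group` means access is limited to the matching uid or gid, as with the `chown 1000:0` option.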

Thank you. I think I’ll go with named volumes. I was keeping my bind mounts in the same folder for backup purposes anyway. I appreciate your help!