Chown is failing in docker container

pcewing · February 14, 2020, 4:31am

Hello,

I have a situation where I have a user who is a member of two different groups, call these uid and gid2. A file is created with ownership uid:uid and when I try to set the ownership of the file via chown uid:gid2 file it fails with EPERM.

I’ve put together a minimal demonstration of this in the following gist:

gist.github.com

https://gist.github.com/pcewing/cadaf22b7f6803c8f4afec9439e2719b

Dockerfile

FROM centos:latest

RUN groupadd -r -g 1001 john && \
    groupadd -r -g 1050 myapp && \
    useradd -rM -g john -G myapp -u 1001 john && \
    mkdir -p /var/john && \
    chown -R john:john /var/john

USER john:john

demo.txt

[container_demo] docker image build -t myapp .
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM centos:latest
 ---> 470671670cac
Step 2/3 : RUN groupadd -r -g 1001 john &&     groupadd -r -g 1050 myapp &&     useradd -rM -g john -G myapp -u 1001 john &&     mkdir -p /var/john &&     chown -R john:john /var/john
 ---> Using cache
 ---> a889fe7bf9cb
Step 3/3 : USER john:john
 ---> Using cache
 ---> 4ce8cad43e73

This file has been truncated. show original

Any ideas why I may be running into this?

Thanks,
Paul