Thanks for moving this to the correct forum.

We have GUI application that calls our program. Our program generates a bunch of files that are read back into the GUI.

We would like to containerize our application. If we mount the output directories then the files are written out as root. This is different than the native behavior, where they would be written with the user’s id (and group).

Since the files are written as root, a simple rm file won’t remove a file, you need to do a rm -f file.

It’s too bad docker run doesn’t have an --output option, because is exactly what I’m looking for. Using docker build isn’t great because multiple users may be using the image.

I did figure out a hacky solution (aside from rootless docker). I wrap the call the docker run in a script; that script passes the current user’s user and group id to an EntryPoint. That EntryPoint creates user in the container with the same user and group id, then executes the command in the container as that user so the files are written out with the proper user and group id. But, you know, a bit hacky.