I am working on a network machine where I don’t have root (sudo) access.
The docker service is installed by the root user.
When I try to run the docker, I get errors related to source directory permissions.
docker run --mount type=bind,source=/home/myuser/docker_test/out_dir,target=/home/out_dir --user 12345:1000 -it docker-name:0.1 bash
docker: Error response from daemon: invalid mount config for type "bind": stat /home/myuser/docker_test/out_dir: permission denied.
/home/myuser/docker_test/out_dir has 700 (rwx------) permissions. If I change the permission to 755, it will work. But I can’t change the directory permissions.
My question is: why is stat failing when the user starting the docker has the permissions to access the source directory?
Is the stat being called by the docker executable as some ‘other’ user?
Does user 12345 have permission to read that directory? I am not sure, but even if the Docker daemon has permission, if the user that starts the process doesn’t have permission, that could be a problem. Or it is possible that you are running rootless Docker or Docker with user namespaces.
user 12345 has permissions to read and write into that directory.
Size: 4096 Blocks: 8 IO Block: 32768 directory
Device: 33h/51d Inode: 9275022755226025350 Links: 2
Access: (0770/drwxrwx---) Uid: (12345/ myuser) Gid: ( 1000/ hercules)
Access: 2022-12-01 02:12:54.430582000 -0500
Modify: 2022-12-01 02:12:38.239629000 -0500
Change: 2022-12-01 02:12:38.239629000 -0500
As I mentioned, docker was installed by the root user. Looks like stat is being called as the root user, which needs ‘others’ permissions.
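
A way to check the conclusion in the last post, as an added example that is not part of the original thread: it walks every directory from / down to the bind source and lists those that give no search (x) bit to 'other'. It assumes the daemon's stat is evaluated against the 'other' permission bits, as that post concludes; the function name other_class_gaps and the temporary directory tree are constructed for illustration.

```python
import os
import stat
import tempfile


def other_class_gaps(path):
    """Return [(directory, octal_mode)] for each directory from / down to
    `path` (inclusive) that grants no search (x) bit to 'other'."""
    cur = os.path.abspath(path)
    chain = []
    while True:
        chain.append(cur)
        parent = os.path.dirname(cur)
        if parent == cur:          # reached the filesystem root
            break
        cur = parent
    gaps = []
    for comp in reversed(chain):   # report top-down, like the path is resolved
        mode = os.stat(comp).st_mode
        if stat.S_ISDIR(mode) and not mode & stat.S_IXOTH:
            gaps.append((comp, oct(stat.S_IMODE(mode))))
    return gaps


def demo():
    # Constructed tree standing in for /home/myuser/docker_test/out_dir.
    with tempfile.TemporaryDirectory() as base:
        os.chmod(base, 0o755)
        mid = os.path.join(base, "docker_test")
        src = os.path.join(mid, "out_dir")
        os.makedirs(src)
        os.chmod(mid, 0o755)
        os.chmod(src, 0o770)       # mode shown in the stat output above
        # Only look at the constructed tree, not the host's own parents.
        before = [c for c, _ in other_class_gaps(src) if c.startswith(base)]
        os.chmod(src, 0o755)       # the mode reported to make the mount work
        after = [c for c, _ in other_class_gaps(src) if c.startswith(base)]
        return src, before, after


if __name__ == "__main__":
    src, before, after = demo()
    print("blocked at 0770:", before)
    print("blocked at 0755:", after)
```

Run against the real bind source, every directory it reports is one that an identity outside the owner and group cannot traverse, which is where a stat made under that identity stops.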