Rootless Docker + Unprivileged user Bind Mounts

aldenar · July 4, 2023, 11:00am

Hello everyone,

is it possible to have an external volume attached under different permissions than root:root?

I’m running a rootless docker instance, where the service inside the container needs to persist some data. Naturally, I’d use a volume for that, however, volumes are mounted under root:root perms, meaning the service running under a different, unprivileged, user does not have rw access to it.

It’s not possible to change the perms during build-time as the directory gets overlayed by the mount, and can’t change them on runtime as the service starts unprivileged.

Already tried creating a directory inside the mount on the host, with the same UID:GID as the user inside the container, but no, even that dir gets chown’d to root:root.

Only other solution I can think of is starting the container as root, chowning the mount, then su to the unprivileged user to run the service.

Topic		Replies	Views
Bind mounting permissions with USER broken using rootless docker General	7	7934	August 23, 2023
Why is rootless docker still running as root inside container? General docker	5	5231	March 7, 2023
Creating Images that Support User Owned Volume Mounts with Docker Desktop and Docker Engine Docker Desktop linux	1	595	June 12, 2023
Rootless Docker: Need to provide write access to a non-root user in docker container for a volume mounted on the host Docker Hub docker	1	1825	July 29, 2023
Mounting a volume as non-root from Windows Docker Desktop beta , windows	5	4520	May 18, 2017

Rootless Docker + Unprivileged user Bind Mounts

Related topics