Docker Community Forums

Volume Permissions on Linux Host?


(Mikeball) #1

So I’m just starting to learn docker (version 1.12.1), primarily for setting up local development environments, and have run into some issues with volume permissions when mounting volumes on a linux host.

The problem is that any files created from within the container in a shared volume are owned by the root user inside the container, meaning the non-root standard user on the host computer can no longer make changes to these files.

This doesn’t seem to be an issue on mac hosts, and this problem is effectively preventing me from using docker compose on a linux host as well.

One solution I’ve found & tried is passing the host user details to the container as environment variables, and use a script to create a duplicate group and user inside the container and su as that user while working in the container.

Is this the current best solution to this problem? Or am I doing something wrong? Does docker have any plans to deal with this?

Thanks!


(Eric Ongerth) #2

@mikeball, your solution is okay; others have been doing something like bind mount the host system’s /etc/passwd and /etc/group (read-only, of course) so that the running process in the container recognizes host users/groups, and run your in-container process as a suitable user chosen from the host’s users (maybe just as you yourself, or whoever you are when you’re operating on these files from the host side).

It’s important to understand that things need to be handled this way, that neither containers nor hosts should have an ability to force access to something without going through the standard system of access and permissions. The situations where this stuff “just works and I didn’t have any problem” are usually just because of things like user id lining up inside and outside the container, not by design.
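
The approach from post #1 (pass the host user's IDs in as environment variables, create a matching group and user, then su to it), as an added example that is not from either poster or from Docker. The names HOST_UID, HOST_GID and DEV_USER are assumptions, and groupadd/useradd assume an image that ships shadow-utils.

```shell
#!/bin/sh
# Added example (constructed): container entrypoint that mirrors the host
# user so files written to a bind mount keep the host user's numeric owner.
# HOST_UID, HOST_GID and DEV_USER are assumed names, not Docker settings.

# Accept only short decimal IDs, and never 0: the goal is to stop being root.
valid_id() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 9 ] && [ "$1" -gt 0 ]
}

# Accept only conservative account names so nothing odd reaches useradd.
valid_name() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
}

# Print the commands that create the matching group and user.
# -o tolerates an ID the image already uses; -M skips creating a home dir.
setup_commands() {
    valid_id "$1" && valid_id "$2" && valid_name "$3" || return 1
    printf 'groupadd -o -g %s %s\n' "$2" "$3"
    printf 'useradd -o -M -u %s -g %s -s /bin/sh %s\n' "$1" "$2" "$3"
}

# Entrypoint body: create the user on first start, then drop privileges.
entrypoint() {
    name=${DEV_USER:-dev}
    # Already unprivileged (e.g. started with --user): just run the command.
    [ "$(id -u)" -eq 0 ] || { exec "$@"; return 0; }
    cmds=$(setup_commands "$HOST_UID" "$HOST_GID" "$name") || {
        echo "refusing to start: bad HOST_UID/HOST_GID/DEV_USER" >&2
        return 1
    }
    # Skip creation when the account survives from an earlier start.
    id "$name" >/dev/null 2>&1 || echo "$cmds" | sh -e || return 1
    # su takes one command string, so the arguments are re-joined here.
    exec su "$name" -c "$*"
}

# Only act when the caller supplied host IDs.
[ -n "$HOST_UID" ] && entrypoint "$@"
```

On the host this would be started with something like `docker run -e HOST_UID="$(id -u)" -e HOST_GID="$(id -g)" ...`, with the script set as the image's entrypoint.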