Docker Community Forums

Share and learn in the Docker community.

What user does Docker run under in Ubuntu?

I am running Docker in Ubuntu 20.04, which is running inside a VirtualBox VM. I have a shared folder that I want to use as my Docker data directory, and be able to share it between Docker and the host computer.

According to Oracle (VirtualBox), in order to have full write access, I need to add my user to the vboxsf group. I have done this with my user, and I am able to write to the folder from within the VirtualBox VM. But I am unable to write to it from within a Docker container.

I can only assume that docker is running as a different user, other than myself, and I need to add that user to the vboxsf group as well. This is only conjecture, but it seems to make sense.

So the question is, what is the user that docker uses?

Unless rootless docker is used, the docker engine is always running as root user.

A container on the other side can run processes as root or a restriced user.
Make sure the uid/gid of the user that executes the main process inside the container matches the owner of the folder you map into the container as volume.

The vboxsf filesystem may or may not work as a volume source. You will need to test it. First master permissions with a folder in the vm’s local filesystem mapped into a container. Then move over and try to map the shared folder into a container.

Hi Metin, thank you for your answer. Yes, since I wrote this question, I was able to figure out that if I change the GUID in the docker container to the GUID matching the vboxsf group, I am able to access those files with write access. But I also want to have the user be a part of my home user’s group as well. So that brings up another question, am I able to assign more than one group to a docker container’s user?

Some images provide explicitly build-in usermapping by using environment variables.Other images that run as a restricted user can be create with the -u option to pass in a uid:gid (with docker run or docker-compose).

Yes, the images I am using have the -u option so I am passing the uid:gid to match my user info on the host system. But the thing is, on the host system, my user is a member of multiple groups, one of them being the vboxsf group. How can I add the user in the docker container to both groups?

The normal approach would be to allign the required ids, but this is not what you want. You could potentialy create your own image in a way that its supports this scenario. Let me know if you find a solution.

This looks promising… https://docs.docker.com/engine/reference/run/#additional-groups

Indeed. Hadn’t had that one on my plate. I hope it will solve the issue.

The Docker daemon always runs as the root user. If you don’t want to preface the docker command with sudo , create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.