You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 14, 2020. It is now read-only.
Currently the spec does not specify the ownership and permissions for mountPoint directories. It should also clarify that these directories should be created if they do not exist in the image.
Also it would be nice to allow to specify uid/gid/permissions for the mount points either directly in the manifest or indirectly to require for the mount point to have the same ownership and permissions as the directory in the image. Without such option running an application with mountPoints as a non-root root user is problematic.
The text was updated successfully, but these errors were encountered:
I feel it would be simpler to enforce that the mountPoint must exist instead. The trouble with specifying it is what happens if there are multiple directories in the path that have to be created? Do we specify the uid/gid/perms for each directory in the path?
From my docker experience automatic creation of mount paths in the container and on the host is very nice feature as it allows to use the image in more flexible ways.
However, I realized there is another issue with explicit uid/uid for volumes. For shared volumes it is not clear which app to use to extract user->id mapping so only numeric ids could be specified. I guess then fixing permissions and ownership it is best to leave to a pre-start hook as long as it can be configured to run as root, issue #58. So the spec should just clarify that all mount points will be owned by root with mode 755 and any intermediate directory in the mount path in the container will be created with the same permissions.
just hit this issue and I see no workaround.
trying to start cassandra (that auto create data sub-directories) as user cassandra.
In dev/tests, I don't want to specify a mount point but the container cannot start since the mount dir belong to root.
If I pre-create directories and give ownership to the aci, since the root directory is a mount-point, when started, I only have an empty directory belonging to root.
pre-start does not help too since it's running as the same user (rkt/rkt#1495, #58)
One simple way to define it could be to give the same right to the mount point as the directory in the aci.
Currently the spec does not specify the ownership and permissions for
mountPoint
directories. It should also clarify that these directories should be created if they do not exist in the image.Also it would be nice to allow to specify uid/gid/permissions for the mount points either directly in the manifest or indirectly to require for the mount point to have the same ownership and permissions as the directory in the image. Without such option running an application with
mountPoints
as a non-root root user is problematic.The text was updated successfully, but these errors were encountered: