Controlling Unix-style perms on directories passed through from shared Windows drives

[ShaunCurrier]

File: docker-for-windows/index.md, CC @londoncalling

Would it be possible to get more elaboration in this document about the finer points of controlling the Unix-style permissions that are present on volumes that are passed into the docker container from shared Windows folders?

I am struggling with a dockerized application that refuses to proceed without specific permissions being set on certain volumes/directories and I'm finding precious little Docker for Windows documentation that explains how to control the permissions or if they can even be controlled. The application wants 0770 permissions, but the VM that Docker Engine is running within has them set to `0755' and it appears they cannot be changed.

I have tried changing permissions various ways on the Windows side and changing permissions inside the container via (for example) docker exec -it -u root nextcloud chmod -R 770 /var/www/html, but no dice.

More details in the languishing issue I raised against the application: nextcloud/docker#70

In any event, thanks for the great software you're creating. :)

[londoncalling]

@friism Can you take a look at Shaun's question? Also are you the only one fielding all these technical d4win questions? Is there another person I can cc to give you some leeway?

[friism]

@ShaunCurrier you cannot change permissions inside the VM.

This is a limitation of the SMB-based approach that Docker for Windows uses for making host-mounted volumes work.

You'll either have to use non-host-mounted volumes or find a way to make your software work with the default file permissions.

[ShaunCurrier]

@friism thanks for the definitive answer on that. I was beginning to think this was the case.

@londoncalling should this limitation on permissions be explicitly called out in the docs? Without it, some may struggle to change mounted volume permissions, not realizing it's an impossible task, which will give them a negative experience with Docker for Windows.

[londoncalling]

@ShaunCurrier yes, definitely - I'll add that to the docs.
@friism thanks!

[londoncalling]

Fixed via PR #3307

[jhhyj1010]

Hi Guys,
Have you ever encountered an issue like this:
PS C:> docker run -p 39013:39013 -p 39017:39017 -p 39041-39045:39041-39045 -p 1128-1129:1128-1129 -p 59013-59014:59013-59014 -v /data/hxe:/hana/mounts --ulimit nofile=1048576:1048576 --sysctl kernel.shmmax=1073
741824 --sysctl net.ipv4.ip_local_port_range='40000 60999' --sysctl kernel.shmmni=524288 --sysctl kernel.shmall=8388608 --name hxe store/saplabs/hanaexpress:2.00.033.00.20180925.2 --passwords-url file:///hana/mo
unts/hxe_docker.json --agree-to-sap-license
======== Starting HANA container run script ========
Started at: Thu Oct 18 10:07:16 UTC 2018
Script parameters: --passwords-url file:///hana/mounts/hxe_docker.json --agree-to-sap-license
HANA version: 2.00.033.00.1535711040
Linux kernel version: 4.9
New host: 'dc40efa31dca'
Setting HANAs host name to 'dc40efa31dca' ...
Checking allowed mountpoints ...
ERROR: Insufficient permissions on /hana/mounts. Required permissions: rwx

The problem is , although I changed the folder permission to 777 by Cygwin, the folder /data/hxe seemed still not 777. So I guess that's the failure cause, however, I have no idea how I can change the windows folder permission to rwx.
Do you have any thoughts or workaround?

Thanks in advance!

[djensen47]

As a followup, the documentation mentions

Docker Desktop for Windows sets permissions on shared volumes to a default value of 0777 (read, write, execute permissions for user and for group).

However, it seems, from my experience that user is always root and group is always root. If this is indeed the case, it would be great if this also could be spelled out in the documentation. Thanks!

[docker-robott]

Closed issues are locked after 30 days of inactivity.
This helps our team focus on active issues.

If you have found a problem that seems similar to this, please open a new issue.

/lifecycle locked