File access is mapped to host user, not root. #117
Comments
Docker for Mac runs as a normal, unprivileged user except for a single small process which requires superuser privileges to configure networking. Unprivileged users are able to use Docker for Mac without needing root access. See https://docs.docker.com/docker-for-mac/osxfs/#/ownership for an explanation of the ownership model for Could you elaborate on your specific use case where this ownership model causes havoc?
If you pull this repository and just type "make" you should see a whole lot of errors in the log if you run under docker for mac, but it works fine under docker-machine for a vmware host on a mac (as well as on just native linux hosts).
(seems the URL got eaten)
The cause of this issue is that the file is read-only (400) but is having The fix is to do permissions juggling while holding a lock so that other accessors cannot see the intermediate state. The workaround is to I've filed an internal issue to track that work. Thanks for your report!
Oh, nice. Thanks for looking at it!
This should be fixed in the just-released Beta 29. Sorry for the delay in resolving the issue -- we had a couple of false starts on the design but now we use an ACL entry to make xattrs (containing ownership metadata) behave like inode metadata in most circumstances. Please give it a try and let us know how it works (or doesn't) for you. I'm going to close this issue but if you find related problems, please feel free to re-open. If you find un-related problems, please open a new issue. :-) Thanks for using Docker for Mac!
Expected behavior
When I run as root in the container, my files created on a mapped volume should also be owned by root in macosx.
Actual behavior
When I mount volumes from the host, they seem to be silently translated to the host user logged into my mac, as opposed to the user that I run in the container (e.g. root). This causes havoc when trying to perform various operations, e.g. chown, since they are not owned.
Information
Diagnostic ID: A00B5996-AD37-4A1A-AD44-F0A8F7755937
Docker for Mac: 1.12.0 (Build 10871)
macOS: Version 10.11.5 (Build 15F34)
[OK] docker-cli
[OK] app
[OK] moby-syslog
[OK] disk
[OK] virtualization
[OK] system
[OK] menubar
[OK] osxfs
[OK] db
[OK] slirp
[OK] moby-console
[OK] logs
[OK] vmnetd
[OK] env
[OK] moby
[OK] driver.amd64-linux
Steps to reproduce