New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remote - Containers: Permission Denied in files created inside container. #5432
Comments
Make sure the user inside the container is a regular user (not root). We then update that user's UID and GID to the ones your WSL user has before we start the container. That should result in files/folders owned by the WSL user. If that doesn't work, check that UID and GID of the WSL user are not in use by some other account inside the container. |
If I try to specify the UID in the docker-compose file, it fails when running the .devcontainer "postCreateCommand", because the user is 'node' and not root nor mine. Also tried to add the "Change the UID/GID of an existing container user", it fails because there isn't a group with the username I tried to add. |
This behavior is described in the Docker documentation like any OCI runtime
documentation: when the container mounts bind volume it adjusts the access
rights of the mounted folder to the container's user rights. If container
runs as root user it affects the access to the files on the host. It can be
solved via uid/gid mapping on the host Gist - user mapping
<https://gist.github.com/renzok/29c9e5744f1dffa392cf>. Is it simple? - No,
sorry!
…On Fri, Aug 13, 2021 at 11:39 PM Gustavo Fenilli ***@***.***> wrote:
If I try to specify the UID in the docker-compose file, it fails when
running the .devcontainer "postCreateCommand", because the user is 'node'
and not root nor mine.
Also tried to add the "Change the UID/GID of an existing container user",
it fails because there isn't a group with the username I tried to add.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#5432 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AM7YVKCAFHI7DHVJXBRBQVTT4V7HPANCNFSM5B2J3DYA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email>
.
|
I will try to use this Gist to solve the problem, It seens the documentation for devcontainer is lacking in this kinda of information, because it seens rather simple in the documentation, as just add the user and commands and it should work, without the need of entrypoint files. |
@GustavoFenilli The UID/GID update should be automatic. Is your host machine missing a group name or is that inside the container? What's the error message? |
WSL Debian machine Dockerfile.dev FROM node:alpine
RUN npm install pm2 -g
WORKDIR /app
RUN apk update && apk add curl && apk add openssh && apk add git
ADD . ./
EXPOSE 8080 docker-compose.yml
devcontainer.json
Container |
By adding to devcontainer.json the By also adding to the Dockerfile.dev as specified by the docs Change the UID/GID of an existing container user Dockerfile.dev
It fails with the error: |
You first need to add the group ( |
So the UID and GID does not need to match the hosts UID and GID? |
No, the extension will try to update UID and GID of the container user (if not root and the target UID and GID are not used by another user/group). It will also update UID and GID of the files in the container user's home folder. |
This issue has been closed automatically because it needs more information and has not had recent activity. See also our issue reporting guidelines. Happy Coding! |
After creating a file or folder inside the container, it will give permission denied inside wsl distro, because the user is different.
Steps to Reproduce:
Does this issue occur when you try this locally?: No
Does this issue occur when you try this locally and all extensions are disabled?: No
The text was updated successfully, but these errors were encountered: