Alternative approach to making sure directory mounted from host has correct ownership inside container.
We have a directory on docker host /host/data/
with owner whose uid:gid is 777:888
.
If we mount to docker container with --volume /host/data/:/srv/myservice
then
there is no guarantee that container has a user with uid and gid matching 777:888
.
Let's say in container we have myservice
user which should own /srv/myservice
.
We have 2 approaches available to ensure correct permissions:
- run
chown myservice -R /srv/myservice
on container start. We might not want this when there are lots of files in/srv/service
or we care about keeping numeric uid and gid in host. - change uid and gid of
myservice
user on container start to match with mounted directory
This repository demonstrates second option. It has its limitations:
- cannot be used when directory owner on host is root (uid=0,gid=0) and directory owner in container is not root
- when docker image already contains files owned by
myservice
user then after changing uid and gid we have to search for all those files and update their ownership