
Ultimate docker permission solution

Submitted by: @import:stackexchange-devops

Problem

I've been using Docker for some time and I like the concept very much. But I found one thing that is a big problem for me.

I'm talking about permissions. While I'm not worried about production, setting up my Docker development environment becomes hell because of file ownership and permissions. For example:

  • The www-data user from the PHP container cannot create files in my directories (the www-data uid is 82 while my uid is 1000). I tried changing the www-data id to 1000, but I share this environment with macOS users, who typically have a uid of 500.

  • I cannot remove files that have been created within the container, which sometimes makes it hard for me to jump between git branches (sudo rm somefile).

I spent hours, no, days looking for the ultimate solution. I tried gosu in containers, mounting /etc/shadow as a volume, etc. The problem is that I was unable to find a solution that can be considered multi-platform and proper (mounting local system files read-only just doesn't look good).

Thank you!

Solution

I'm a little confused about the exact use case. Are you asking about writing to volumes that are mounted inside the container?

You can change what the process in the docker container runs as by using --user on your run commands.

docker run --user 1000 -ti centos:7 /bin/bash


This answer may help you:
https://stackoverflow.com/questions/41100333/difference-between-docker-run-user-and-group-add-parameters

The manual explains this as well: https://docs.docker.com/engine/reference/run/#user

Code Snippets

docker run --user 1000 -ti centos:7 /bin/bash

Context

StackExchange DevOps Q#3852, answer score: 1
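
One way to apply the --user option from the answer without hard-coding 1000, as an added example that is not part of the original post: it passes the invoking user's own uid:gid, so the same script serves the uid-1000 and uid-500 machines from the question, and it lists any files a container left behind under another uid. The function names, the /app mount point and the DRY_RUN switch are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, the /app mount
# point and the DRY_RUN switch are assumptions made for illustration.

# "uid:gid" of the user invoking the script (1000:1000 on one laptop, a
# different pair on another), so nothing is hard-coded into the image.
host_ids() {
    printf '%s:%s\n' "$(id -u)" "$(id -g)"
}

# Run <image> with <project_dir> bind-mounted at /app, as the invoking user.
# Usage: run_as_host_user <project_dir> <image> [command...]
# With DRY_RUN=1 the docker command line is printed instead of executed.
run_as_host_user() {
    dir=$1
    image=$2
    shift 2
    set -- docker run --rm -ti --user "$(host_ids)" \
        -v "$dir:/app" -w /app "$image" "$@"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# List files under <dir> that are not owned by the invoking user: leftovers
# written by a container running as another uid (www-data, root, ...).
foreign_owned() {
    find "$1" ! -user "$(id -u)" -print
}

# Typical use (image name is a placeholder):
#   run_as_host_user "$PWD" your-php-image sh
#   foreign_owned "$PWD"    # should print nothing afterwards
```

Running the container as the caller's uid instead of root also means a process inside it can only touch the bind mount with the privileges that user already has on the host.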
