Bound volumes mounted as user actually mounting as root

[alanondra]

• I have tried with the latest version of Docker Desktop
• I have tried disabling enabled experimental features
• I have uploaded Diagnostics
• Diagnostics ID:

For two years, a project I've been working on has worked fine with the given setup below. However, yesterday morning it suddenly stopped working as expected, without having updated any Docker packages recently, and within the same running session from the week prior, where I could change and restart the project without issue.

The intent of the project is currently geared toward providing a development workspace.

I am running a PHP project with the tool Composer as part of the toolchain. The requirements:

• The host must be able to run the project without elevated permissions.
• The guest must be able to make changes to the files within the project, with the same permissions.
• The host must be able to read the files generated by the guest.
• Miscellaneous commands must be able to be run inside the guest.

Expected behavior

Running the project mounts the volume in such a way that the host can write to the working directory.

Actual behavior

Running the project mounts the volume in such a way that the files in the working directory are owned by root:root

Information

• Linux distro: LMDE 5 (elsie)
• Distro version: 5.10.0-23-amd64
• Docker Desktop Version: 23.0.6, build ef23cbc

Steps to reproduce the behavior

1. Get your current UID and GID:

$ id -u; id -g
1001
1001

2. In a non-elevated userspace directory, set up the below project structure:

.env

DOCKER_UID=1001
DOCKER_GID=1001

APP_ENV=local

docker-compose.yml

version: '3.9'

networks:
    my_network:
        name: my_network
        driver: bridge

services:
    my_php:
        container_name: my_php
        build:
            context: ./.docker/php
            dockerfile: dockerfile
            args:
                APP_ENV: ${APP_ENV}
        env_file: .env
        restart: unless-stopped
        user: "${DOCKER_UID}:${DOCKER_GID}"
        working_dir: /var/app
        volumes:
          - type: bind
            bind:
              propagation: rprivate
            source: .
            target: /var/app
        networks:
            - my_network

.docker/php/dockerfile

FROM php:7.0-fpm-alpine

ARG APP_ENV=development

ENV COMPOSER_HOME=/tmp/composer
ENV XDG_CONFIG_HOME=/var/app

RUN mkdir ${COMPOSER_HOME}; chmod -R 777 ${COMPOSER_HOME}

##
## select base configuration
##
COPY etc/local.ini /usr/local/etc/php/conf.d

RUN if [ "$APP_ENV" = "production" ]; then \
        mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"; \
    else \
        mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"; \
    fi;

##
## copy tools
##
COPY --from=composer:2.2 \
    /usr/bin/composer /usr/local/bin/composer

##
## run on container boot
##
CMD if [ "$APP_ENV" = "production" ]; then \
        composer --no-dev -o install; \
    else \
        composer install; \
    fi; \
    composer dump-autoload; \
    php-fpm

3. Start the project with docker compose up
4. Tunnel into the guest machine with docker exec -it my_php /bin/sh
5. Check the permissions with ls -la

drwxr-xr-x   20 root     root          4096 May 15 22:04 .

6. Validate the current UID and GID with whoami; id -g

whoami: unknown uid 1001
1001

[alanondra]

This ended up being an issue related to Docker Desktop, not sure how that got installed over Docker Engine.
moby/moby#2259

1. Uninstall Docker Desktop
   https://docs.docker.com/desktop/uninstall/
2. Install Docker Engine
   https://docs.docker.com/engine/install/debian/

[docker-robot]

Closed issues are locked after 30 days of inactivity.
This helps our team focus on active issues.

If you have found a problem that seems similar to this, please open a new issue.

/lifecycle locked