New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
introduce ability to create a volume with non-root initial ownership #45714
Comments
Thanks! So the thing I was thinking about was that the |
Also adding to this (from our discussion on slack);
|
My concern here is; if I create a service (download compose file, write one myself for an established image), and I add a volume ( The only way I would expect this to 'properly' work, is that the permissions are copied from the container mount point, onto _data, which of course does require the container itself to do the right thing beforehand. E.g. But how about, if we do After re-reading this proposal, I am missing the mode too, so Some inheritance from the target would still work best though. Like the e.g. if I mount Just spilling some thoughts :) |
Description
docker volume create
always create a volume onwed by root, see https://github.com/moby/moby/blob/master/volume/local/local.go#L155to be used by a container, until container also runs as root, user has to use some hack-ish scripts to
chown
volume root.I suggest the local volume driver adds support for option to define initial uid:gid ownership for a volume.
With this, I could use :
This is somehow comparable to #2259 but acknowledge the limitations for bind mounts (i.e local volumes created under
/var/lib/docker/volumes
) regarding remapping of uid/gidThe text was updated successfully, but these errors were encountered: