Alternative approach to making sure directory mounted from host has correct ownership inside container.
We have a directory on docker host /host/data/ with owner whose uid:gid is 777:888.
If we mount to docker container with --volume /host/data/:/srv/myservice then
there is no guarantee that container has a user with uid and gid matching 777:888.
Let's say in container we have myservice user which should own /srv/myservice.
We have 2 approaches available to ensure correct permissions:
- run
chown myservice -R /srv/myserviceon container start. We might not want this when there are lots of files in/srv/serviceor we care about keeping numeric uid and gid in host. - change uid and gid of
myserviceuser on container start to match with mounted directory
This repository demonstrates second option. It has its limitations:
- cannot be used when directory owner on host is root (uid=0,gid=0) and directory owner in container is not root
- when docker image already contains files owned by
myserviceuser then after changing uid and gid we have to search for all those files and update their ownership