Docker – Feed data from read-only directory on host into container
I’m a relative novice to Docker, so please bear with me if the answer is obvious.
I’m trying to give my docker container access to a shared data directory on the host, which has specific group permissions and is read-only for the group of the intended user.
I’ve already tried
docker run -it -v /data:/data ubuntu /bin/bash with the resulting error
docker: Error response from daemon: error while creating mount source path '/data': mkdir /data: permission denied. So it’s clearly a permission issue.
The gist I got looking around on google is that if you bind-mount a volume, you need to have read-write permission.
So I’m looking for an alternative way, possibly with
The data directory is huge, so any kind of duplication is not feasible. Also, changing permissions is not possible.
docker Server Version: 17.03.1-ce
Operating System: Ubuntu 16.04.2 LTS
So I finally figured it out after the helpful comment of @barat.
The problem was, that the exact directory I was trying to mount inside the container had the permissions set up in a way that only members of a specific group could read the contents. I tried everything from
docker run -u userwithaccess,
docker run --privileged to adding a user within the
Dockerfile and specifically assigning the group in question to that user. Nothing worked.
In the end the solution was relatively simple:
The parent directory of my data directory had read access for everyone, i.e. also users which were not members of the group. So I was able to mount it without a problem.
To reach the actual data, I did add the user in the
Dockerfile to the group and made sure it had the same name and
GID. Finally it was no problem to navigate into the data directory and read any file I wanted.
So I’m not sure if the directory I tried to mount is just a special case, or if it’s generally not possible to mount a directory with specific group access.
I found this workaround, but I would still have no solution if the directory I wanted would have been at
One Solution collect form web for “Docker – Feed data from read-only directory on host into container”
docker run -v /path/on/host:/path/on/container:ro my/image
Default behaviour of bind mounting is rw, but you can switch this to read only (:ro)