Docker: group of a shared volume changes depending on host user

Summary: The group of a shared volume changes within the docker container, depending on which user of the host machine is running the container.

In my host machine I have two users: userHost1 and userHost2

  • Error run scrapy after install docker
  • Using MySQL with Spring boot docker image
  • What is the difference between AUFS and devicemapper in docker?
  • Docker containers on travis-ci
  • Docker container from image created by build: is working but not working from pulled image
  • Cannot connect to MySQL docker container from container with Django app
  • Logged in as userHost1 I get the debian image and I built a docker image with the following Dockerfile:

    FROM debian
    RUN adduser --disabled-password --gecos '' user

    After that, when I run docker with userHost1 and load a shared volume, I can write on it. But if I load it with userHost2 I cannot write.

    Running docker as userHost1:

    userHost1@host:~$ docker run -t -i -u user -v /home/userHost1/try/:/try/ my_debian
    user@a4b9df2f89ed:/$ ls -ahl
    drwxrwxr-x   2 user user 4.0K Mar 19 03:41 try

    But if I log into the host as userHost2:

    userHost2@host:~$ docker run -t -i -u user -v /home/userHost2/try/:/try/ my_debian
    user@eb169acd52b4:/$ ls -ahl
    drwxrwxr-x   2 1002 1002 4.0K Mar 19 03:45 try
    user@eb169acd52b4:/$ touch try/hello
    touch: cannot touch `hello': Permission denied

    Why is this happening? I thought that the user in the host was irrelevant for a docker container. Is it because I pulled the Debian image as userHost1?

    Of course both userHost1 is the owner of /home/userHost1/try/ and userHost2 is the owner of /home/userHost2/try/.

  • Docker hub vs docker cloud
  • GDB empty backtrace when using gunicorn core dump
  • docker-compose : Unsupported config option for services service: 'web'
  • Settings to Windows Firewall to allow Docker for Windows to share drive
  • Proxy_pass from to localhost:xxxx using nginx on docker - not localhost on physical machine
  • How to sync code between container and host using docker-compose?
  • One Solution collect form web for “Docker: group of a shared volume changes depending on host user”

    It’s just a simple permissions issue. Remember that the uids are the same in the container and on the host, but user names may be different (so uid 1002 may have different names on the host and in the container).

    The owner of /home/userHost1/try/ has the same uid as the user user in the container. The owner of /home/userHost2/try/ is uid 1002, which is not the same as user in the container, so user cannot write to the directory.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.