Docker: group of a shared volume changes depending on host user
Summary: The group of a shared volume changes within the docker container, depending on which user of the host machine is running the container.
In my host machine I have two users: userHost1 and userHost2
Logged in as userHost1 I get the debian image and I built a docker image with the following Dockerfile:
FROM debian RUN adduser --disabled-password --gecos '' user
After that, when I run docker with userHost1 and load a shared volume, I can write on it. But if I load it with userHost2 I cannot write.
Running docker as userHost1:
userHost1@host:~$ docker run -t -i -u user -v /home/userHost1/try/:/try/ my_debian user@a4b9df2f89ed:/$ ls -ahl ... drwxrwxr-x 2 user user 4.0K Mar 19 03:41 try ...
But if I log into the host as userHost2:
userHost2@host:~$ docker run -t -i -u user -v /home/userHost2/try/:/try/ my_debian user@eb169acd52b4:/$ ls -ahl ... drwxrwxr-x 2 1002 1002 4.0K Mar 19 03:45 try ... user@eb169acd52b4:/$ touch try/hello touch: cannot touch `hello': Permission denied
Why is this happening? I thought that the user in the host was irrelevant for a docker container. Is it because I pulled the Debian image as userHost1?
Of course both userHost1 is the owner of /home/userHost1/try/ and userHost2 is the owner of /home/userHost2/try/.
One Solution collect form web for “Docker: group of a shared volume changes depending on host user”
It’s just a simple permissions issue. Remember that the uids are the same in the container and on the host, but user names may be different (so uid 1002 may have different names on the host and in the container).
The owner of
/home/userHost1/try/ has the same uid as the user
user in the container. The owner of
/home/userHost2/try/ is uid 1002, which is not the same as
user in the container, so
user cannot write to the directory.