How to read and write to mounted volume without running as root?

When mounting a volume with the following command:

docker run -t -i --volumes-from FOO BAR

the volumes from FOO are mounted with root as owner. I can’t read and write to that without running as root as far as I know. Must I run as root or is there some other way?

  • Nginx 502: Bad Gateway with rstudio server
  • How do I extend a default docker image command without interrupting the default behaviour
  • How do you add authentication to a docker image?
  • Error while connecting WordPress Docker Container with MySQL
  • How can I attach VS Code to a node process running in a docker container
  • sbt-docker difference between add and addRaw
  • I have tried by creating the folder with other owner before mounting but the mounting seems to overwrite that.


    Edit: A chown would work if it could be done automatically after the mounting somehow.

  • Cannot connect to docker swarm service task
  • Vagrant docker-exec
  • How to use fluentd log driver on Elastic Beanstalk Multicontainer docker
  • Is there a way to “hibernate” a linux container
  • Pass argument to dockerfile @ runtime
  • I am trying to assign an ip from our corporate LAN to a docker container
  • 2 Solutions collect form web for “How to read and write to mounted volume without running as root?”

    I’m not sure why you aren’t able to change your folder permissions in your source image. This works without issue in my lab:

    $ cat df.vf-uid
    FROM busybox
    
    RUN mkdir -p /data && echo "hello world" > /data/hello && chown -R 1000 /data
    
    $ docker build -f df.vf-uid -t test-vf-uid .
    ...
    Successfully built 41390b132940
    
    $ docker create --name test-vf-uid -v /data test-vf-uid
    e12df8f84a3b1f113ad5440b62552b40c4fd86f99eec44698af9163a7b960727
    
    $ docker run --volumes-from test-vf-uid -u 1000 -it --rm busybox /bin/sh
    / $ ls -al /data
    total 12
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:44 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    / $ echo "success" >/data/world
    / $ ls -al /data
    total 16
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:46 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    -rw-r--r--    1 1000     root             8 Aug 22 11:46 world
    / $ cat /data/hello /data/world
    hello world
    success
    / $ exit
    

    So, what I ended up doing was mounting the volume to another container and change the owner (using uid of the owner I wanted in the final setup) from that container. Apparently uid’s are uid’s regardless. This means that I can run without being root in the final container. Perhaps there are easier ways to do it but this seems to work at least. Something like this: (untested code clip from my final solution)

    docker run -v /opt/app --name Foo ubuntu /bin/bash
    docker run --rm --volumes-from Foo -v $(pwd):/FOO ubuntu bash -c "chown -R 9999 /opt/app"
    docker run -t -i --volumes-from FOO BAR
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.