How to read and write to mounted volume without running as root?

When mounting a volume with the following command:

docker run -t -i --volumes-from FOO BAR

the volumes from FOO are mounted with root as owner. I can’t read and write to that without running as root as far as I know. Must I run as root or is there some other way?

  • difference between localhost and postgres for host in docker
  • Can you explain Docker with a practical example/case? [closed]
  • Graceful Shutdown of HDFS with Docker
  • What is the difference between the size and the virtual size of the docker images?
  • How to update docker version in AWS ECS
  • getting docker container to never shutdown
  • I have tried by creating the folder with other owner before mounting but the mounting seems to overwrite that.


    Edit: A chown would work if it could be done automatically after the mounting somehow.

  • access docker VM in private network (docker-machine)
  • Change .docker directory on Windows
  • docker unit test setup
  • Celery tasks for different python app in different Docker containers
  • Pull Docker from my private docker-registry without specifying the host
  • How to connect to Postgresql service inside Docker Swarm?
  • 2 Solutions collect form web for “How to read and write to mounted volume without running as root?”

    I’m not sure why you aren’t able to change your folder permissions in your source image. This works without issue in my lab:

    $ cat df.vf-uid
    FROM busybox
    
    RUN mkdir -p /data && echo "hello world" > /data/hello && chown -R 1000 /data
    
    $ docker build -f df.vf-uid -t test-vf-uid .
    ...
    Successfully built 41390b132940
    
    $ docker create --name test-vf-uid -v /data test-vf-uid
    e12df8f84a3b1f113ad5440b62552b40c4fd86f99eec44698af9163a7b960727
    
    $ docker run --volumes-from test-vf-uid -u 1000 -it --rm busybox /bin/sh
    / $ ls -al /data
    total 12
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:44 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    / $ echo "success" >/data/world
    / $ ls -al /data
    total 16
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:46 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    -rw-r--r--    1 1000     root             8 Aug 22 11:46 world
    / $ cat /data/hello /data/world
    hello world
    success
    / $ exit
    

    So, what I ended up doing was mounting the volume to another container and change the owner (using uid of the owner I wanted in the final setup) from that container. Apparently uid’s are uid’s regardless. This means that I can run without being root in the final container. Perhaps there are easier ways to do it but this seems to work at least. Something like this: (untested code clip from my final solution)

    docker run -v /opt/app --name Foo ubuntu /bin/bash
    docker run --rm --volumes-from Foo -v $(pwd):/FOO ubuntu bash -c "chown -R 9999 /opt/app"
    docker run -t -i --volumes-from FOO BAR
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.