How to read and write to mounted volume without running as root?

When mounting a volume with the following command:

docker run -t -i --volumes-from FOO BAR

the volumes from FOO are mounted with root as owner. I can’t read and write to that without running as root as far as I know. Must I run as root or is there some other way?

  • Using Docker to create “restorable” MySQL database for UI testing
  • Setting Docker Variables
  • Access IP address of Couchbase container on Docker Swarm cluster
  • docker build and publish plugin usage
  • Nginx Cache file is too small
  • receiving runtime error on docker container only for specific machine
  • I have tried by creating the folder with other owner before mounting but the mounting seems to overwrite that.


    Edit: A chown would work if it could be done automatically after the mounting somehow.

  • connecting to a docker-compose mysql container denies access but docker running same image does not
  • rails docker app bundle rake aborted
  • Deploying new versions of an image instantly
  • Why volume mapping does not work? [duplicate]
  • Node https.request to Docker API closes before full result is returned
  • exec: “dnu”: executable file not found in $PATH
  • 2 Solutions collect form web for “How to read and write to mounted volume without running as root?”

    I’m not sure why you aren’t able to change your folder permissions in your source image. This works without issue in my lab:

    $ cat df.vf-uid
    FROM busybox
    
    RUN mkdir -p /data && echo "hello world" > /data/hello && chown -R 1000 /data
    
    $ docker build -f df.vf-uid -t test-vf-uid .
    ...
    Successfully built 41390b132940
    
    $ docker create --name test-vf-uid -v /data test-vf-uid
    e12df8f84a3b1f113ad5440b62552b40c4fd86f99eec44698af9163a7b960727
    
    $ docker run --volumes-from test-vf-uid -u 1000 -it --rm busybox /bin/sh
    / $ ls -al /data
    total 12
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:44 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    / $ echo "success" >/data/world
    / $ ls -al /data
    total 16
    drwxr-xr-x    2 1000     root          4096 Aug 22 11:46 .
    drwxr-xr-x   19 root     root          4096 Aug 22 11:45 ..
    -rw-r--r--    1 1000     root            12 Aug 22 11:43 hello
    -rw-r--r--    1 1000     root             8 Aug 22 11:46 world
    / $ cat /data/hello /data/world
    hello world
    success
    / $ exit
    

    So, what I ended up doing was mounting the volume to another container and change the owner (using uid of the owner I wanted in the final setup) from that container. Apparently uid’s are uid’s regardless. This means that I can run without being root in the final container. Perhaps there are easier ways to do it but this seems to work at least. Something like this: (untested code clip from my final solution)

    docker run -v /opt/app --name Foo ubuntu /bin/bash
    docker run --rm --volumes-from Foo -v $(pwd):/FOO ubuntu bash -c "chown -R 9999 /opt/app"
    docker run -t -i --volumes-from FOO BAR
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.