How to read and write to mounted volume without running as root?
When mounting a volume with the following command:
docker run -t -i --volumes-from FOO BAR
the volumes from FOO are mounted with root as owner. I can’t read and write to that without running as root as far as I know. Must I run as root or is there some other way?
I have tried by creating the folder with other owner before mounting but the mounting seems to overwrite that.
chown would work if it could be done automatically after the mounting somehow.
2 Solutions collect form web for “How to read and write to mounted volume without running as root?”
I’m not sure why you aren’t able to change your folder permissions in your source image. This works without issue in my lab:
$ cat df.vf-uid FROM busybox RUN mkdir -p /data && echo "hello world" > /data/hello && chown -R 1000 /data $ docker build -f df.vf-uid -t test-vf-uid . ... Successfully built 41390b132940 $ docker create --name test-vf-uid -v /data test-vf-uid e12df8f84a3b1f113ad5440b62552b40c4fd86f99eec44698af9163a7b960727 $ docker run --volumes-from test-vf-uid -u 1000 -it --rm busybox /bin/sh / $ ls -al /data total 12 drwxr-xr-x 2 1000 root 4096 Aug 22 11:44 . drwxr-xr-x 19 root root 4096 Aug 22 11:45 .. -rw-r--r-- 1 1000 root 12 Aug 22 11:43 hello / $ echo "success" >/data/world / $ ls -al /data total 16 drwxr-xr-x 2 1000 root 4096 Aug 22 11:46 . drwxr-xr-x 19 root root 4096 Aug 22 11:45 .. -rw-r--r-- 1 1000 root 12 Aug 22 11:43 hello -rw-r--r-- 1 1000 root 8 Aug 22 11:46 world / $ cat /data/hello /data/world hello world success / $ exit
So, what I ended up doing was mounting the volume to another container and change the owner (using uid of the owner I wanted in the final setup) from that container. Apparently uid’s are uid’s regardless. This means that I can run without being root in the final container. Perhaps there are easier ways to do it but this seems to work at least. Something like this: (untested code clip from my final solution)
docker run -v /opt/app --name Foo ubuntu /bin/bash docker run --rm --volumes-from Foo -v $(pwd):/FOO ubuntu bash -c "chown -R 9999 /opt/app" docker run -t -i --volumes-from FOO BAR