In docker, writing file to mounted file-system as non-root?

I have a docker container with a -v /home/dan:/home/dan:rw. When the container writes files to /home/dan, the files are owned by root in the host filesystem. Is there a way to make it so that files written from the container to the mounted volume are owned by some arbitrary user on the host filesystem?

  • Knife Container issue
  • docker run -> name is already in use by container
  • docker 1.7 multiple port mapping at run failure
  • Connect to windows image fails with cmd
  • What is the minimum healthy percent and maximum percent in Amazon ECS
  • What alternatives are there to using npm install --unsafe?
  • register docker container to host network dns
  • Edit apache configuration in docker
  • No access to a linked container with docker run (mapping in /etc/hosts not exist)
  • Docker link to existing container or image at build
  • Implementing Simulation application using AKKA
  • Starting a system service in a Docker container
  • 4 Solutions collect form web for “In docker, writing file to mounted file-system as non-root?”

    EDIT: this has changed since my original answer which said it couldn’t be done. As per answer of Mandark:

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    As Fran├žois Zaninotto has pointed out, the user id can be used.

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    A follow up to mandark answer – I would say it’s also good to include the user group otherwise you will end up with stuff belonging to user: USER and group: root. To achive user:user just pass in group id as well, for example:

    docker run -v /home/dan:/home/dan -u `id -u $USER`:`id -g $USER` IMAGE
    
    # if it's for the current user, then you can omit the $USER env var
    
    docker run -v /home/dan:/home/dan -u `id -u`:`id -g` IMAGE
    

    It’s possible. It’s hard to automate, but it’s possible. Here is the process:

    1. in the host, determine the current user id and group id
    2. in the docker container, run a shell script to:

      • add a new group with the group id from the host
      • add a new user with the same user id from the host (and belonging to the group just created)
      • sudo as this new user

    Now, each file generated inside the container will be using the right user id and group id, and the host will attach them to your user.

    I’ve written a tool to automate that using make, it’s called make-docker-command. Hope this helps.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.