In docker, writing file to mounted file-system as non-root?

I have a docker container with a -v /home/dan:/home/dan:rw. When the container writes files to /home/dan, the files are owned by root in the host filesystem. Is there a way to make it so that files written from the container to the mounted volume are owned by some arbitrary user on the host filesystem?

  • Huge files in Docker containers
  • Docker reuse port in a consul TCP health check cycle
  • Operation not permitted systemctl with docker + systemctl
  • How to run multiple supporting apps (tomcat) on my local mac which I don't modify?
  • docker apt-get multiple gets (can it be reduced?)
  • Wrap origin public Dockerfile to manage build args, etc
  • bash script to run tests in multiple docker-compose environments
  • Couchbase PHP SDK in Docker Container
  • Specify linux interface for docker container
  • Mesosphere local development
  • Docker container does not give me a shell
  • docker not opening ports on OSX
  • 4 Solutions collect form web for “In docker, writing file to mounted file-system as non-root?”

    EDIT: this has changed since my original answer which said it couldn’t be done. As per answer of Mandark:

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    As Fran├žois Zaninotto has pointed out, the user id can be used.

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    A follow up to mandark answer – I would say it’s also good to include the user group otherwise you will end up with stuff belonging to user: USER and group: root. To achive user:user just pass in group id as well, for example:

    docker run -v /home/dan:/home/dan -u `id -u $USER`:`id -g $USER` IMAGE
    
    # if it's for the current user, then you can omit the $USER env var
    
    docker run -v /home/dan:/home/dan -u `id -u`:`id -g` IMAGE
    

    It’s possible. It’s hard to automate, but it’s possible. Here is the process:

    1. in the host, determine the current user id and group id
    2. in the docker container, run a shell script to:

      • add a new group with the group id from the host
      • add a new user with the same user id from the host (and belonging to the group just created)
      • sudo as this new user

    Now, each file generated inside the container will be using the right user id and group id, and the host will attach them to your user.

    I’ve written a tool to automate that using make, it’s called make-docker-command. Hope this helps.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.