In docker, writing file to mounted file-system as non-root?

I have a docker container with a -v /home/dan:/home/dan:rw. When the container writes files to /home/dan, the files are owned by root in the host filesystem. Is there a way to make it so that files written from the container to the mounted volume are owned by some arbitrary user on the host filesystem?

  • Can not unmount a device using “umount” in Docker
  • trigger inotify event over NFS on Linux?
  • Running Qt5 GUI in Docker
  • How to use the forever CLI in Docker?
  • Rancher imageUuid not Unique
  • Error in gdata::installXLSXsupport() on Docker Centos 7
  • Docker image versioning and lifecycle management
  • What special precautions must I make for docker apps running as pid 1?
  • Docker on Windows 10 with Maven
  • Docker remove <none> TAG images
  • Oracle 11g docker SELECT very slow
  • Application templates and instances manager for docker deployment?
  • 4 Solutions collect form web for “In docker, writing file to mounted file-system as non-root?”

    EDIT: this has changed since my original answer which said it couldn’t be done. As per answer of Mandark:

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    As Fran├žois Zaninotto has pointed out, the user id can be used.

    This can be done by using the -u switch for the docker run command.

    For example:

    docker run -v /home/dan:/home/dan -u `id -u $USER` IMAGE
    

    A follow up to mandark answer – I would say it’s also good to include the user group otherwise you will end up with stuff belonging to user: USER and group: root. To achive user:user just pass in group id as well, for example:

    docker run -v /home/dan:/home/dan -u `id -u $USER`:`id -g $USER` IMAGE
    
    # if it's for the current user, then you can omit the $USER env var
    
    docker run -v /home/dan:/home/dan -u `id -u`:`id -g` IMAGE
    

    It’s possible. It’s hard to automate, but it’s possible. Here is the process:

    1. in the host, determine the current user id and group id
    2. in the docker container, run a shell script to:

      • add a new group with the group id from the host
      • add a new user with the same user id from the host (and belonging to the group just created)
      • sudo as this new user

    Now, each file generated inside the container will be using the right user id and group id, and the host will attach them to your user.

    I’ve written a tool to automate that using make, it’s called make-docker-command. Hope this helps.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.