I am starting six or seven containers via a docker-compose file. One container is causing a major problem! Here is the relevant section:
services:
  ...
  main-app:
    image: mycompany/sys:1.2.3
    container_name: "main-app-container"
    ports:
      - "8080:8080"
      - "8009"
    volumes:
      - db_data:/var/lib/home/data:rw
      - /opt/mycompany/sys/config:/opt/mycompany/sys/config:rw
    networks:
      - systeminternal
    hostname: "mylocalhost.company.com"
volumes:
  db_data:
    driver: local
networks:
  systeminternal:
When the main-app-container is started via docker-compose up (as the root user), the file system privileges in many of the directories in the committed container are all changed to root! This is running on Ubuntu 14.04, Docker 1.12.x (not sure which x).
We have another system where we run everything as a local user. When we exec a shell into that container, all the file privileges are those of our local user, which was the ownership when it was committed. From googling, I am pretty sure it has something to do with the volumes, but could not find anything definitive. Any help is welcome!
Running a container as root means that the software packaged in a container is set to start as the root, or system administrator, user. This user is special in Linux systems, because it has all permissions needed to administer a system.
One of the best practices when running a Docker container is to run its processes as a non-root user. This is because if a user manages to break out of an application running as root in the container, they may gain root access on the host.
This is the expected behavior for host mounts. That said, everything inside /opt/mycompany/sys/config will have the same UID/GID the files have on the host - that is by design.
Either change the files to the uid/gid you need on the host: chown -R 123:321 /opt/mycompany/sys/config
or set up your container to be happy to use the uid/gid of the host.
It has nothing to do with docker-compose; it would happen the same way when you use
docker run -v /opt/mycompany/sys/config:/opt/mycompany/sys/config mycompany/sys:1.2.3
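One way to check the behaviour described in the answer, as an added example that is not part of the original answer: the functions below report which numeric uid:gid owns the entries under a bind-mounted directory and which entries differ from the uid:gid the container process expects. The function names are hypothetical, and GNU `stat` and `find` on Linux are assumed.

```shell
#!/bin/sh
# Added example: audit numeric ownership under a bind-mounted directory.
# A bind mount exposes the host's numeric UID/GID unchanged, so user *names*
# may differ between host and container while the *numbers* stay the same.

# owners_summary DIR -> one "count uid:gid" line per distinct numeric owner
owners_summary() {
    find "$1" -exec stat -c '%u:%g' {} + | sort | uniq -c | awk '{print $1, $2}'
}

# mismatched DIR UID GID -> paths whose numeric owner or group differs
mismatched() {
    find "$1" \( ! -uid "$2" -o ! -gid "$3" \) -print
}

# check_mount DIR UID GID -> 0 if every entry is owned by UID:GID, else 1,
# listing the offending paths and the host-side chown that would align them
check_mount() {
    bad=$(mismatched "$1" "$2" "$3")
    if [ -n "$bad" ]; then
        printf 'entries not owned by %s:%s:\n%s\n' "$2" "$3" "$bad" >&2
        printf 'host-side fix: chown -R %s:%s %s\n' "$2" "$3" "$1" >&2
        return 1
    fi
    return 0
}
```

Running `owners_summary /opt/mycompany/sys/config` on the host and the same `find ... stat` pipeline inside the container should print identical numbers; `check_mount /opt/mycompany/sys/config 123 321` uses the sample uid/gid from the answer.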