Given the following Dockerfile
    FROM ubuntu
    RUN groupadd mygroup
    RUN useradd -ms /bin/bash -G mygroup john
    RUN mkdir /data
    COPY test/ /data/test
    RUN chown -R john:mygroup /data
    CMD /bin/bash
In my test directory, which is copied, I have set the file permissions to 770.
If I do a su john inside my container, I cannot access any of the files or subdirectories in my test directory. It seems this problem is related to the ownership in the aufs filesystem, where the copied directory is still owned by root and permissions are set to 770.
Is there a workaround for this problem to set the permissions correctly? One could be to set the permissions of the original directory to the uid of the container user before copying it. But this seems more like a hack.
From the menu select Containers then select the container whose ownership you want to change. Under the Access control section tick the Change ownership checkbox then select the new ownership type, using the table below as a guide.
COPY is a Dockerfile instruction that copies files from a local source location to a destination in the image. It has only one assigned function. The ADD instruction is also used to copy files/directories into a Docker image, and it can additionally copy files from a URL.
When copying a single file to an existing LOCALPATH, the docker cp command will either overwrite the contents of LOCALPATH if it is a file or place it into LOCALPATH if it is a directory, overwriting an existing file of the same name if one exists. For example, this command: $ docker cp sharp_ptolemy:/tmp/foo/myfile.
Dockerfiles can contain several different instructions, one of which is COPY. The COPY instruction lets us copy a file (or files) from the host system into the image. This means the files become a part of every container that is created from that image.
A --chown flag has finally been added to COPY:

    COPY --chown=patrick hostPath containerPath

This new syntax seems to work on Docker 17.09.
See the PR for more information.
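Applied to the Dockerfile from the question, the --chown approach could look like the following. This is an added example, not code from the original posts; it reuses the question's user, group and paths, and assumes Docker 17.09 or later and a Linux image.

```dockerfile
# Added example: the question's image rebuilt around COPY --chown.
FROM ubuntu

# Create the group and user first. --chown resolves names through the
# image's own /etc/group and /etc/passwd, so they must exist before COPY.
RUN groupadd mygroup \
 && useradd -ms /bin/bash -G mygroup john

# Create the parent directory with the intended owner, group and mode.
RUN install -d -o john -g mygroup -m 0770 /data

# Ownership is set while the files are written into the layer, so no
# separate "RUN chown -R" layer (which stores a second copy of every
# file) is needed. The 770 mode set on the host's test directory is kept.
COPY --chown=john:mygroup test/ /data/test/

# Run as the unprivileged user instead of switching with "su john".
USER john
WORKDIR /data/test
CMD ["/bin/bash"]
```

Running `ls -ln /data/test` in a container started from this image shows whether the copied files carry john's numeric uid and the mygroup gid rather than 0:0.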
I think I found a solution, which works. Using a data volume container will do the trick. First I create the Data Volume Container, which contains the copy of my external directory:
    FROM busybox
    RUN mkdir /data
    VOLUME /data
    COPY /test /data/test
    CMD /bin/sh
In my application container, where I have my users, which could look something like this
    FROM ubuntu
    RUN groupadd mygroup
    RUN useradd -ms /bin/bash -G mygroup john
    COPY setpermissions.sh /root/setpermissions.sh
    CMD /root/setpermissions.sh && /bin/bash
The setpermissions script does the job of setting the user permissions:
    #!/bin/bash
    if [ ! -e /data/.bootstrapped ] ; then
      chown -R john:mygroup /data
      touch /data/.bootstrapped
    fi

Now I just have to use the --volumes-from <myDataContainerId> when running the application container.