Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

why doesn't chown work in Dockerfile?

Tags:

docker

chown

My Dockerfile creates a directory, chown's it, and then lists the directory afterwards. The directory is still owned by root. Why is that?

Here is the Dockerfile:

FROM ubuntu:precise RUN useradd -d /home/testuser -m -s /bin/bash testuser RUN mkdir -p /var/local/testrunner/logs VOLUME ["/var/local/testrunner/logs"] RUN grep testuser /etc/passwd RUN grep root /etc/passwd RUN chown -R testuser:testuser /var/local/testrunner/logs RUN ls -ld /var/local/testrunner/logs  

Here is the output from "docker build":

Sending build context to Docker daemon 10.24 kB Sending build context to Docker daemon  Step 0 : FROM ubuntu:precise  ---> ab8e2728644c Step 1 : RUN useradd -d /home/testuser -m -s /bin/bash testuser  ---> Using cache  ---> 640f12671c86 Step 2 : RUN mkdir -p /var/local/testrunner/logs  ---> Using cache  ---> bf7756fd5b1f Step 3 : VOLUME ["/var/local/testrunner/logs"]  ---> Using cache  ---> 65c73ee76c20 Step 4 : RUN grep testuser /etc/passwd  ---> Using cache  ---> db72fff0b965 Step 5 : RUN grep root /etc/passwd  ---> Running in ebff78df7a9a root:x:0:0:root:/root:/bin/bash  ---> ead0ff704a59 Removing intermediate container ebff78df7a9a Step 6 : RUN chown -R testuser:testuser /var/local/testrunner/logs  ---> Running in c925f67b2ab4  ---> 253132be935e Removing intermediate container c925f67b2ab4 Step 7 : RUN ls -ld /var/local/testrunner/logs  ---> Running in 978bc66aa47e drwxr-xr-x 2 root staff 4096 Oct  1 15:15 /var/local/testrunner/logs 

Docker version 1.2.0, build fa7b24f

The host runs Ubuntu 12.04, but with a 3.13.0-36-generic kernel.

like image 846
user100464 Avatar asked Oct 01 '14 15:10

user100464


People also ask

What is run Chown in Dockerfile?

The “chown” method If you want to write shared data from within your Docker container and use it from your host regularly, this can get tedious really fast. In addition, this approach can break the dockerized program for future runs, especially if the container's user does not have root permissions.

Does Dockerfile need Workdir?

If the WORKDIR command is not written in the Dockerfile, it will automatically be created by the Docker compiler. Hence, it can be said that the command performs mkdir and cd implicitly. If the project directory does not exist, it will be created. The RUN command will be executed inside project .

Can Dockerfile copy from parent directory?

It turns out that you cannot include files outside Docker's build context. However, you can copy files from the Dockerfile's parent directory.


2 Answers

Answering my own question: it's declared to be a volume. If you take out the VOLUME instruction, the chown takes effect.

What's more, if you declare the volume after running chown, the chown settings remain in effect.

like image 170
user100464 Avatar answered Oct 16 '22 22:10

user100464


This blog http://container42.com/2014/11/03/docker-indepth-volumes/ explains this behaviour in detail.

Each instruction in the Dockerfile creates a new container. The instruction make some changes to this container and becomes a new layer. The changes made to "/var/local/testrunner/logs" before VOLUME instruction were made to the actual container filesystem. However, after VOLUME instruction, the directory "/var/local/testrunner/logs" is the mounted directory. The changes made to this directory after VOLUME instruction will apply on the mounted directory and not the actual container filesystem.

like image 26
hobgoblin Avatar answered Oct 16 '22 21:10

hobgoblin