44

I'm using Docker (1.3.1) to build RPMs inside a container:

docker run -v /home/matt/build:/build build-rpm /build/build-pkg.sh

This works fine (my user is in the docker group, so I don't need to sudo) and drops a completed .rpm file in the current directory. The problem is that the file is created as owned by root.

How can I arrange it so that the file is created owned by the same user as I run docker with?

Matt R
  • 9,892
  • 10
  • 50
  • 83
  • "so that the file is created owned by the same user as I run docker with" But this is root inside the docker virtual environment, it doesn't know what your user is. – Paul Oliver May 05 '15 at 11:46
  • 3
    see my answer on this question - http://stackoverflow.com/questions/27925006/using-host-environment-variables-with-dockerfile – ISanych May 05 '15 at 11:56
  • 2
    @PaulOliver processes running in the Docker container don't know what my host user is, just as they don't know where on the host I've mounted the volume. However, Docker does let me specify where on the host the volume lives; similarly, can I specify what (host) user new files are created as? – Matt R May 05 '15 at 12:02
  • 1
    @ISanych -- nice, your solution is clever and works (wish Docker had a simpler solution, but...) – Matt R May 05 '15 at 12:29

2 Answers2

12

You could try to create (in the Dockerfile of a custom image) a user and set it as the one used by the container

RUN adduser --system --group --shell /bin/sh auser \
 && mkdir /home/auser/bin
USER auser

Then check if a docker run -v /home/matt/build:/build build-rpm mounts the shared folder in /build as auser.

Another option mentioned in issue 2259:

If you chown the volume (on the host side) before bind-mounting it, it will work.
In that case, you could do:

mkdir /tmp/www
chown 101:101 /tmp/www
docker run -v /tmp/www:/var/www ubuntu stat -c "%U %G" /var/www

(Assuming that 101:101 is the UID:GID of the www-data user in your container.)

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
3

Docker runs as root and has no idea what your user is inside its virtual environment (even if you're in the sudoers group). But you can create a non-root user while building your docker image that can be called whatever you like.

# create a non-root user named tester, 
# give them the password "tester" put them in the sudo group
RUN useradd -d /home/tester -m -s /bin/bash tester && echo "tester:tester" | chpasswd && adduser tester sudo

# start working in the "tester" home directory
WORKDIR /home/tester
COPY ./src

# Make the files owned by tester
RUN chown -R tester:tester /home/tester

# Switch to your new user in the docker image
USER tester
Paul Oliver
  • 7,531
  • 5
  • 31
  • 34
  • 32
    I'm not too worried about the container's idea of what user it is inside the container. However, from the host's point of view, I want the file to end up owned by the user who launched the `docker run` command. Would this approach help with that? – Matt R May 05 '15 at 11:58
  • 1
    The file wouldn't be owned by you unless you copied it back to your machine with the same UID and GID. http://superuser.com/questions/580592/does-file-user-ownership-change-when-transferring-files-between-computers – Paul Oliver May 05 '15 at 12:11
  • 2
    I guess. I'm used to the simple story manipulate `/vagrant` on a Vagrant VM: the guest's view of the file's owner is different to the host's. – Matt R May 05 '15 at 12:31