Docker卷和主机权限
[英]Docker volume and host permissions
问题描述
When I run a docker image for example like 
当我运行docker图像时,例如
docker run -v /home/n1/workspace:/root/workspace -it rust:latest bash
and I create a directory in the container like 我在容器中创建一个目录
mkdir /root/workspace/test
It's owned by root on my host machine. 它由我的主机上的root拥有。 Which leads to I have to change the permissions everytime after I turn of the container to be able to operate with that directory. 这导致我必须在我转动容器后每次都更改权限,以便能够使用该目录进行操作。
Is there a way how to tell Docker to handle directories and files from my machine (host machine) point of view under a certain user? 有没有办法告诉Docker在某个用户下从我的机器(主机)角度处理目录和文件?
2 个解决方案
解决方案1
2 2018-12-24 15:19:18
You need to run your application as the same uid inside the container as you do on the host to get file ownership to match. 您需要像在主机上一样将容器中的应用程序作为相同的uid运行,以使文件所有权匹配。 My own solution for this is to start the container as root, adjust the uid of the user inside the container to match the volume mount, and then su to the user to run the app. 我自己的解决方案是以root身份启动容器,调整容器内用户的uid以匹配卷挂载,然后su给用户运行应用程序。 Scripts for this can be found in this repo: https://github.com/sudo-bmitch/docker-base 可以在此repo中找到此脚本: https : //github.com/sudo-bmitch/docker-base
The in that repo, the fix-perms script handles the change in uid/gid inside the container, and the entrypoint script has an exec gosu $username "$@" that runs the app as the selected user. 在该repo中,fix-perms脚本处理容器内uid / gid的更改,而入口点脚本有一个exec gosu $username "$@" ,它以所选用户的身份运行应用程序。
解决方案2
1 已采纳 2018-12-23 09:08:40
Sure, because Docker uses root as a default user. 当然,因为Docker使用root作为默认用户。 You should create user in your docker container, switch to that user and then make folder, then you will get them without root permissions on you host machine. 您应该在docker容器中创建用户,切换到该用户然后创建文件夹,然后您将在主机上获得没有root权限的用户。
Dockerfile Dockerfile
FROM rust:latest
...
RUN useradd -ms /bin/bash myuser
USER myuser
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.