Docker volume NFS uid

Question

I'm in the process of setting up dovecot as docker container. I want to store the Maildir via NFS on a NAS.

I'm creating the docker volume like this:

docker volume create \
  --driver local \
  --opt type=nfs \
  --opt o=addr=<ip>,rw \
  --opt device=:/vmail \
  vmail

in the Dockerfile , I have:

RUN useradd -m -p vmail -s /bin/false vmail
VOLUME /home/vmail

and to run the docker container, I call:

docker run \
  -dit \
  -p 993:993 \
  --mount source=vmail,target=/home/vmail \
  my_dovecot

but as a result I get:

docker: Error response from daemon: chown /var/lib/docker/volumes/vmail/_data: operation not permitted.

The issue is clearly related to the way I mount the NFS volume, as - if I drop the --mount statement - it works ok (but obviously can't access my Maildir data from the NAS). I'm pretty sure that this is related to the fact that dovecot is trying to access the Maildir as vmail user, and that user doesn't have permissions on the NFS share - but even giving everybody write access on the NFS share doesn't make a difference.

I'm looking for any advice to get this NFS volume properly mounted into my docker container.

Regards StHeine

Answer 1

in the meantime I found the issue. to fix this, I had to remove the -m in the useradd command to prevent it from creating the /home/vmail directory:

RUN useradd -p vmail -s /bin/false vmail
VOLUME /home/vmail

because if that exists, mounting the volume into that same place, docker tries to copy existing folder data into the volume and chown this to the volume's ownership. due to the fact that the volume comes via NFS from a NAS is doesn't have proper uids, but nobody - and chown fails.

I found references to nocopy to prevent docker from doing this, but I haven't figured how to set that in the docker create statement.