How to give docker container write/chmod permissions on mapped volume?

Patric picture Patric · Mar 9, 2017 · Viewed 8.4k times · Source

I have a synology NAS which has docker support and wanted to run some docker containers (I'm pretty new to Docker) on it. For example pocketmine-pm (but I believe I have the write issue also with other containers).

I created a volume on the host and mapped this in the container settings. (And in the synology docker settings for the volume mapping I did not click on "read only").

According to the Dockerfile a new user 'pocketmine' is created inside the container and this user is used to start the server. The user seems to have the user ID 1000 (first UID for new linux users). The container also uses an Entrypoint.sh script to start the server.

Initially the container was not able to write files to the mapped directory. I had to SSH into the host 'chown' the directory for the UID 1000:

sudo chown 1000:1000 /volXy/docker/pocketminemp -R

After that the archive could be downloaded and extracted.

Unfortunately I was not able to connect to the server from my iOS device. The server is listed as 'online' but the connection fails without any specific message. I then checked the logs of the container and saw the following entries (not sure if this really prevents the connection but I will give it a try):

[*] Everything done! Run ./start.sh to start PocketMine-MP
chown: changing ownership of '/pocketmine/entrypoint.sh': Operation not permitted
chown: changing ownership of '/pocketmine/server.properties.original': Operation not permitted
Loading pocketmine.yml...

Apparently the container cannot chown a file it was previously able to download.

Does anybody know what can be done to fix this? Do I need to chmod the mapped volume and why did I need to chown the directory to UID 1000 (a user that doesn't really exist on the host) - isn't there a more elegant way to fix the permissions?

Answer

Jacob picture Jacob · Mar 11, 2017

When you run the container, you should be able to use the --user="uid:gid" flag to specify the user you wish to run the container as.

Source: https://docs.docker.com/engine/reference/run/#user