I’ve been playing around with Docker for a while and keep on finding the same issue when dealing with persistent data.
I create my `Dockerfile` and expose a volume or use `--volumes-from` to mount a host folder inside my container.
What permissions should I apply to the shared volume on the host?
I can think of two options:
- So far I’ve given everyone read/write access, so I can write to the folder from the Docker container.
- Map the users from host into the container, so I can assign more granular permissions. Not sure this is possible though and haven’t found much about it. So far, all I can do is run the container as some user: `docker run -i -t --user="myuser" postgres`, but this user has a different UID than my host `myuser`, so permissions do not work. Also, I’m unsure if mapping the users will pose some security risks.
Are there other alternatives?
How are you guys/gals dealing with this issue?
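The UID mismatch described in the question arises because the kernel compares numeric IDs on the bind-mounted folder, not user names. As an added example (not part of the original post), the shell functions below report which permission class a container UID falls into on the host directory, and whether the world-writable mode from the first option is in effect. The names `volume_access` and `world_writable` and UID 4242 are constructed for illustration, and the check assumes a non-root UID with no user-namespace remapping or ACLs.

```shell
#!/bin/sh
# Added example; function names and the sample UID are constructed.

# volume_access DIR UID [GID]
# Prints the permission class the kernel applies to UID on DIR and whether
# that class may create files there, e.g. "owner:writable".
# Assumes a non-root UID, no user-namespace remapping and no ACLs.
volume_access() {
    dir=$1 cuid=$2 cgid=${3:-$2}
    # ls -n prints numeric owner and group ids; user names are never compared.
    set -- $(ls -ldn "$dir")
    mode=$1 owner=$3 group=$4
    # Only the first matching class is consulted, even if a later one grants more.
    if [ "$cuid" -eq "$owner" ]; then
        class=owner bits=$(printf '%s' "$mode" | cut -c2-4)
    elif [ "$cgid" -eq "$group" ]; then
        class=group bits=$(printf '%s' "$mode" | cut -c5-7)
    else
        class=other bits=$(printf '%s' "$mode" | cut -c8-10)
    fi
    # Creating a file needs write plus search (x, or s/t with x set).
    case $bits in
        ?w[xst]) echo "$class:writable" ;;
        *)       echo "$class:not-writable" ;;
    esac
}

# world_writable DIR: succeeds when any local user can write to DIR,
# which is what "everyone read/write" on the host folder amounts to.
world_writable() {
    case $(ls -ldn "$1" | cut -c9) in
        w) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo on a constructed directory standing in for the host side of the volume.
# UID/GID 4242 is assumed not to own it, like a container user with a
# different UID than the host account.
vol=$(mktemp -d)
chmod 700 "$vol"
volume_access "$vol" 4242 4242      # other:not-writable
chmod 777 "$vol"
volume_access "$vol" 4242 4242      # other:writable
world_writable "$vol" && echo "warning: $vol is world-writable"
rm -rf "$vol"
```
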