Say I have a short-lived container that creates a file inside an attached volume. Most off-the-shelf images run stuff as root in containers, so unless I do extra stuff in the container the file ends up owned by root on the host. I want that file owned by me.
docker run
has a --user
argument that allows forcing a specific uid/gid of the first process started in the container. This seems to work in some cases. For example:
host$ mkdir dockTmp
host$ docker run -u $UID:$(id -g) -v $(pwd)/dockTmp:/tmp/dockTmp --rm -it ubuntu:16.04 /bin/bash
groups: cannot find name for group ID 1000
I have no name!@1f64238ff7d4:/$ touch /tmp/dockTmp/foo
I have no name!@1f64238ff7d4:/$ ls -l /tmp/dockTmp/foo
-rw-r--r-- 1 1000 1000 0 Nov 11 07:22 /tmp/dockTmp/foo
(Ctrl-d)
host$ ls -l dockTmp/foo
-rw-r--r-- 1 adamm adamm 0 Nov 10 23:22 dockTmp/foo
Other times, not so much:
host$ docker run -u $UID:$(id -g) --rm -it tensorflow/tensorflow:nightly
Traceback (most recent call last):
File "/usr/local/bin/jupyter-notebook", line 11, in <module>
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/jupyter_core/application.py", line 266, in launch_instance
return super(JupyterApp, cls).launch_instance(argv=argv, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/traitlets/config/application.py", line 657, in launch_instance
app.initialize(argv)
File "<decorator-gen-7>", line 2, in initialize
File "/usr/local/lib/python2.7/dist-packages/traitlets/config/application.py", line 87, in catch_config_error
return method(app, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/notebook/notebookapp.py", line 1366, in initialize
self.init_configurables()
File "/usr/local/lib/python2.7/dist-packages/notebook/notebookapp.py", line 1100, in init_configurables
connection_dir=self.runtime_dir,
File "/usr/local/lib/python2.7/dist-packages/traitlets/traitlets.py", line 556, in __get__
return self.get(obj, cls)
File "/usr/local/lib/python2.7/dist-packages/traitlets/traitlets.py", line 535, in get
value = self._validate(obj, dynamic_default())
File "/usr/local/lib/python2.7/dist-packages/jupyter_core/application.py", line 99, in _runtime_dir_default
ensure_dir_exists(rd, mode=0o700)
File "/usr/local/lib/python2.7/dist-packages/jupyter_core/utils/__init__.py", line 13, in ensure_dir_exists
os.makedirs(path, mode=mode)
File "/usr/lib/python2.7/os.py", line 150, in makedirs
makedirs(head, mode)
File "/usr/lib/python2.7/os.py", line 150, in makedirs
makedirs(head, mode)
File "/usr/lib/python2.7/os.py", line 150, in makedirs
makedirs(head, mode)
File "/usr/lib/python2.7/os.py", line 157, in makedirs
mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/.local'