search

EPFL-LCSB / pytfa

A Python 3 implementation of Thermodynamics-based Flux Analysis
https://lcsb.epfl.ch/
Apache License 2.0
38 stars 26 forks source link

Permission denied when running the docker image #9

Open Midnighter opened 6 years ago

Midnighter commented 6 years ago

So, my local user is part of the docker group. That leads to the following situation when using the run command that mounts my local work and pytfa directories into the container:

My local user cannot be mapped to a user in the docker container. Thus /home/pytfa/work and /src/pytfa are owned by 1001:1001 and access is denied to the pytfa user.

Although it can be useful, of course, to mount volumes into the container I'd say it shouldn't be necessary for the functioning of the image. Unfortunately, it is necessary as pytfa won't be installed.

If you really want to keep this behavior, an entrypoint script might be the right way to go. See this comment.

psalvy commented 6 years ago

I chose to mount the code like this because it is a common practice (although admittedly not universal) for development (see this thread). Of course once we'll get to a production code an adequate COPY would be a better option.

psalvy commented 6 years ago

I stumbled upon this in an unrelated project: add the flags 

-e PGID=<gid> -e PUID=<uid>

In the run command to export environment variables linked to your user and group. You can get the relevant information with 

id <your_username>
Midnighter commented 6 years ago 
docker run -e PGID=$(id -g) -e PUID=$(id -u)

That could be a great option.

Midnighter commented 6 years ago

That's probably similar to running the image as user:

docker run --user "$(id -u):$(id -g)"

I'll check if that conflicts with any other parts that require permissions for the original docker user.