Build development environments from a Dockerfile on Docker, Kubernetes, and OpenShift. Enable developers to modify their development environment quickly.
Apache License 2.0
142
stars
26
forks
source link
usability: fix ownership of Docker volume mounts to /home #229
When using Docker, a volume is populated with the initial ownership based on the USER directive.
In the case of Envbuilder, this will always be root:root.
The net result of this is that if you create a Docker volume mounted at /home/someuser and run an envbuilder container that builds an image containing someuser, the resulting user's home directory will be owned by root:root.
Example:
$ docker volume create test_coder_home
$ docker run -it --rm -v test_coder_home:/home/coder -e ENVBUILDER_FALLBACK_IMAGE=codercom/enterprise-
minimal:ubuntu -e ENVBUILDER_INIT_SCRIPT=/bin/sh ghcr.io/coder/envbuilder-preview:latest
[...]
$ cd
$ ls -l ../
total 4
drwxr-xr-x 2 root root 4096 Jun 10 14:35 coder
$ touch test
touch: cannot touch 'test': Permission denied
In Kubernetes-land, you would generally fix this by specifying fsGroup or adding an init container to fix ownership. This isn't as much of an option here.
When using Docker, a volume is populated with the initial ownership based on the
USER
directive.In the case of Envbuilder, this will always be
root:root
.The net result of this is that if you create a Docker volume mounted at
/home/someuser
and run an envbuilder container that builds an image containingsomeuser
, the resulting user's home directory will be owned byroot:root
.Example:
In Kubernetes-land, you would generally fix this by specifying
fsGroup
or adding an init container to fix ownership. This isn't as much of an option here.