search

miracle2k / dockerfiles

Some of my dockerfiles.
43 stars 34 forks source link

[gitolite] Feature: Mapping host user and group #9

Closed movcale closed 5 years ago

movcale commented 8 years ago

Hello, My dockerized redmine has need for read only access to dockerized gitolite repository folder (via shared volumes). Unfortunately, gitolite container create a repo folder as [uid=103 gid=109] and with access permissions (drwx------). Of course, user (uid=103) on the host machine does not match real 'git' user (or user, which run my dockerized redmine container) on the host machine.

It will be great implement functionality like this: Mapping host user and group

Mapping host user and group

Per default the container is configured to run redmine as user and group redmine with uid and gid 1000. The host possibly uses this ids for different purposes leading to unfavorable effects. From the host it appears as if the mounted data volumes are owned by the host's user/group 1000.

Also the container processes seem to be executed as the host's user/group 1000. The container can be configured to map the uid and gid of redmine user to different ids on host by passing the environment variables USERMAP_UID and USERMAP_GID. The following command maps the ids to user and group redmine on the host.

docker run --name=redmine -it --rm [options] \
  --env="USERMAP_UID=500" --env="USERMAP_GID=500" \
  sameersbn/redmine:3.3.0-3
movcale commented 8 years ago

As a workaround I did following: Login into gitolite container and change $UMASK to 0027 in .gitolite.rc as described here Add group access to repo dir chmod -R g+rX /home/git/repositories

And add a host machine docker user into host machine group 109, so it can access to shared repository folder usermod -G host_group_with_id_109 host_docker_user

In my case usermod -G messagebus docker because

$ id messagebus uid=102(messagebus) gid=106(messagebus) groups=106(messagebus)

$ ls -l /srv/docker/gitolite/repositories/myrepo.git/ total 32 drwxr-x--- 2 landscape messagebus 4096 Aug 3 15:22 branches -rw-r----- 1 landscape messagebus 66 Aug 3 15:22 config -rw-r----- 1 landscape messagebus 214 Sep 2 14:49 gl-conf -rw-r----- 1 landscape messagebus 23 Aug 3 15:22 HEAD drwxr-x--- 2 landscape messagebus 4096 Aug 3 15:22 hooks drwxr-x--- 2 landscape messagebus 4096 Aug 3 15:22 info drwxr-x--- 125 landscape messagebus 4096 Sep 2 14:50 objects drwxr-x--- 5 landscape messagebus 4096 Aug 3 16:01 refs

miracle2k commented 5 years ago

Closing this because of age, and because the repo moved to https://github.com/miracle2k/docker-gitolite.