Installed a new debian server, installed docker, but then now i have a problem with permissions on passed directories.

On the previous server, the uid/gids inside the docker container match the uid/gid on the real server.

Root is 0, www-data is 33, and so on.

On this new server, instead, files owned by root (0) in the container are translated to 1000 on the server, www-data (33) is 100032, and so on (+1000 appended to the uid)

Is this normal or did I misconfigure something? On the previous server I was running everything as root (the interactive user was root), and i would like to avoid that

  • 𝘋𝘪𝘳𝘬
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    You don’t need to create the user first. Here’s the simplest I can come up with:

    FROM alpine:latest
    COPY myscript.sh /app/myscript.sh
    USER 10000:10001
    CMD ["sh", "/app/myscript.sh"]
    

    This simply runs /app/myscript.sh with UID 10000 and GID 10001.

    • Appoxo@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Wasnt aware that you can just think of IDs from fresh air.
      Thought it was to create the user and ID manually amd then be able to use it.

      • 𝘋𝘪𝘳𝘬
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Yep! The names are basically just a convenient way for referencing a user or group ID.

        Under normal circumstances you should let the system decide what IDs to use, but in the confined environment of a docker container you can do pretty much what you want.

        If you really, really, really want to create a user and group just set the IDs manually:

        FROM alpine:latest
        COPY myscript.sh /app/myscript.sh
        RUN addgroup -g 10001 mycoolgroup && adduser -D -u 10000 -G mycoolgroup mycooluser
        USER mycooluser:mycoolgroup
        CMD ["sh", "/app/myscript.sh"]
        

        Just make sure to stay at or above 10000 so you won’t accidentally re-use IDs that are already defined on the host.