Docker User Management

I am a bit confused about the way you manage containers. Actually, when containers are built and and run, they are mapped to default root user and as a result any associated volumes with the host machine are also mapped with the root user. But in your configurations, shared volume data/ keeps being associated with host user and not root docker user. I am curious about how it is possible.

To find the roots, I tried to dig further inside the code and found that for development you actually create a new user with appropriate USER_ID=1000,GROUP_ID=1000 and that actually resolves the issue, but I could not find this kind of configuration for production (local) deployment.

Please, can you elaborate on this?

Hi @bedilbek!

The data/ folder is indeed associated to the host user, but it is not a shared volume. All the folders inside data are shared volumes, and they are (most of the time) owned by root. For instance, on my machine I get:

{13:28}~ ➭ cd $(tutor config printroot)
{13:28}~/.local/share/tutor ➭ ls -n
total 16
-rw-r--r--  1 1000 1000 4210 mars  25 18:45 config.yml
drwxr-xr-x 18    0    0 4096 mars   3 15:53 data
drwxr-xr-x  9 1000 1000 4096 févr. 26 17:50 env
{13:28}~/.local/share/tutor.local ➭ ls -n data
total 64
drwxr-xr-x 2    0   0 4096 févr. 16 15:57 android
drwxr-xr-x 7 1000   0 4096 mars  10 09:33 cms
drwxr-xr-x 4    0   0 4096 janv.  8 10:43 discovery
drwxr-xr-x 4    0   0 4096 nov.  22 12:07 ecommerce
drwxr-xr-x 4  105 108 4096 févr. 26 11:37 elasticsearch
drwxr-xr-x 6    0   0 4096 mars  11 15:50 journal
drwxr-xr-x 2    0   0 4096 oct.  22 23:00 letsencrypt
drwxr-xr-x 8 1000   0 4096 mars  10 09:35 lms
drwxr-xr-x 7    0   0 4096 oct.  21 21:51 minio
drwxr-xr-x 4  999   0 4096 mars  25 19:01 mongodb
drwxr-xr-x 6    0   0 4096 mars   9 14:03 monitor
drwxr-xr-x 7  999 999 4096 mars  25 18:42 mysql
drwxr-xr-x 3 1000   0 4096 mars  25 18:42 openedx
drwxr-xr-x 4 1000   0 4096 mars  10 09:33 openedx-media
drwxr-xr-x 3  100   0 4096 oct.  18 11:43 rabbitmq
drwxr-xr-x 2    0   0 4096 oct.  21 13:17 xqueue

As you can see, all mounted volumes are indeed owned by root, just like you would expect it.

Does that answer your question?

1 Like

Yes, thank you. To some strange point, I just looked at the data directory and thought all of the directories inside are also associated to the host user.