https://github.com/gnat/rootless-docker-file-ownership
👤 Reclaim file ownership back to user who starts a rootless container (1000), from the container operating User (100998, 100000 ...)
- Host: GitHub
- URL: https://github.com/gnat/rootless-docker-file-ownership
- Owner: gnat
- Created: 2022-03-16T12:28:31.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-03-16T12:44:17.000Z (about 4 years ago)
- Last Synced: 2024-12-31T16:50:19.347Z (over 1 year ago)
- Topics: rootless-docker
- Language: Shell
- Homepage:
- Size: 5.86 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Rootless Docker File Ownership Helper
A helper for people running into this blocker until Docker gets around to resolving the issue.
It reclaims file ownership for the user who starts a rootless container (UID 1000) from the container's operating user (typically 100998, 100000 ...).
### docker_reclaim.sh
```bash
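#!/bin/bash
# Reclaims ownership back to the invoking user (from rootless docker 100000+ UID operating users)
# You can also: sudo chown "${USER}:${USER}" -R .
# Great for git commits and backups.
# This script can be removed one day if rootless docker handles it, or if we switch to podman (slower than docker as of this writing).
set -x
# Enter the rootless Docker daemon's user (-U), network (-n) and mount (-m) namespaces.
# root:root inside that user namespace maps to the invoking user on the host.
# Quoting keeps the PID file path and working directory intact if they contain spaces.
nsenter -U --preserve-credentials -n -m -t "$(cat "$XDG_RUNTIME_DIR/docker.pid")" /usr/bin/chown -R root:root "$(pwd)"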
```
### Friendly reminders
* `root` inside the container's user namespace maps to the non-root invoking user on the host.
* As of this writing (March 2022), rootless Docker does not handle this itself.
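
The UID arithmetic behind these reminders, as an added example (not part of the original README or the project's code): it translates UIDs through a mapping in the `/proc/<pid>/uid_map` format. The sample mapping is constructed, assuming host UID 1000 and a subordinate UID range starting at 100000; the function names are hypothetical.

```bash
#!/bin/bash
# Added example: translate UIDs through a user-namespace uid_map.
# Each uid_map line is: <start inside ns> <start outside ns> <length>
# (format documented in user_namespaces(7)).

# Constructed sample of a rootless Docker mapping (assumed values, not
# read from a live system): host UID 1000 becomes root inside the
# namespace, and a subuid range at 100000 backs every other UID.
SAMPLE_UID_MAP='         0       1000          1
         1     100000      65536'

# translate_uid <in2out|out2in> <uid> [uid_map text]
# Prints the translated UID, or returns 1 when the UID has no mapping.
translate_uid() {
    local dir want map inside outside len from to
    dir=$1
    want=$2
    map=${3:-$SAMPLE_UID_MAP}
    while read -r inside outside len; do
        [ -n "$len" ] || continue          # skip blank or short lines
        if [ "$dir" = in2out ]; then
            from=$inside; to=$outside
        else
            from=$outside; to=$inside
        fi
        if [ "$want" -ge "$from" ] && [ "$want" -lt $(( $from + $len )) ]; then
            echo $(( $to + $want - $from ))
            return 0
        fi
    done <<EOF
$map
EOF
    return 1
}

# Hypothetical convenience wrappers around translate_uid.
ns_to_host_uid() { translate_uid in2out "$@"; }
host_to_ns_uid() { translate_uid out2in "$@"; }

# A container process running as UID 999 writes files that the host
# sees as 100998; namespace root (0) is the invoking user (1000),
# which is why chown root:root inside the namespace hands files back.
echo "container UID 999 -> host UID $(ns_to_host_uid 999)"
echo "container UID 0   -> host UID $(ns_to_host_uid 0)"
```

On a live host, pass the real mapping as the third argument, for example `"$(cat /proc/"$(cat "$XDG_RUNTIME_DIR/docker.pid")"/uid_map)"`.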
### References
* https://man7.org/linux/man-pages/man1/nsenter.1.html
* https://www.redhat.com/sysadmin/container-namespaces-nsenter