Here is a problem. Here is a part of my podman-compose.yml:

```yaml
  web:
    build: .
    args:
      USERNAME: ${USERNAME}
      GROUPNAME: ${GROUPNAME}
      USERID: ${USERID}
      GROUPID: ${GROUPID}
    depends_on:
      - db
    environment:
      - TERMINFO=/etc/terminfo
      - TERM=xterm-256color
      - PGHOST=db
      - DATABASE_URL=postgresql://db
      - PGUSER=postgres
      - PGPASSWORD=password
      - APP_HOST=web
    userns: keep-id
    ports:
      - "3000:3000"
    volumes:
      - .:/app:z
```

This is the call to the podman composer:

```sh
podman-compose up \
  --build-arg USERNAME=$(id -un) \
  --build-arg GROUPNAME=$(id -gn) \
  --build-arg USERID=$(id -u) \
  --build-arg GROUPID=$(id -g)
```

The volume for the web service is supposed to be write-accessible from the container and from the host.

In this configuration, the corresponding folder inside the container and the files inside it are root-owned. If I add a 'U' flag, like this: `- .:/app:z,U`, the folder becomes write-accessible to the container, but locally, on the host, it becomes owned by the user with uid 100999 and gid 100999.

But when I run the resulting container with the command

```sh
podman run -it -v .:/home/lesha:z --userns=keep-id --entrypoint /bin/sh quotes_web:latest
```

the ownership is correct inside the container and doesn't change on the host, and everything works as supposed. Any suggestions to fix it for the composer?

This is a Dockerfile:

```dockerfile
FROM docker.io/library/ruby:3.0.0-alpine

ARG USERNAME
ARG GROUPNAME
ARG USERID
ARG GROUPID

COPY run_rails.sh /usr/local/bin
RUN chmod +x /usr/local/bin/run_rails.sh

WORKDIR /app
ENV APPPATH='/app'

RUN echo '***' && \
    addgroup -g $GROUPID $GROUPNAME && \
    adduser -S -u $USERID -G $GROUPNAME -h /home/$USERNAME -s /bin/sh $USERNAME && \
    mkdir -p /home/$USERNAME && \
    chmod 700 /home/$USERNAME && \
    mkdir -p $APPPATH && \
    echo "export PATH=$PATH:/home/$USERNAME/.local/share/gem/ruby/3.0.0/bin" >> /home/$USERNAME/.profile && \
    echo 'gem: --user-install --env-shebang --no-rdoc --no-ri' >> /home/$USERNAME/.gemrc && \
    echo "Change ownership chown -R $USERNAME:$GROUPNAME $APPPATH" && \
    chown -R $USERNAME:$GROUPNAME $APPPATH && \
    chown -R $USERNAME:$GROUPNAME /home/$USERNAME

USER $USERNAME
ENTRYPOINT ["run_rails.sh"]
EXPOSE 3000
```

Thank you!

1 Answer

My bad. Works for me with `userns_mode: keep-id` instead of `userns: keep-id`.
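A small check for the two settings discussed in this thread, added here as an example (not code from the question or the answer, and not part of podman-compose): it flags a service-level `userns` key, which the answer replaced with `userns_mode`, and bind mounts carrying the `U` option, which made the host directory owned by uid/gid 100999 in the question. The name `lint_compose` and both sample files are constructed for illustration; the scan is indentation-based and only understands short-syntax volume entries.

```python
import re

# Constructed samples: the question's service with the ":z,U" variant,
# and the same service after the change reported in the answer.
BEFORE = """\
services:
  web:
    build: .
    userns: keep-id
    volumes:
      - .:/app:z,U
"""
AFTER = BEFORE.replace("userns:", "userns_mode:").replace(":z,U", ":z")

KEY = re.compile(r"^(\s*)([A-Za-z_][\w.-]*):\s*(.*)$")
ITEM = re.compile(r"^\s*-\s*(.+?)\s*$")


def lint_compose(text):
    """Return (service, rule, detail) tuples for a compose file given as text."""
    findings, stack = [], []  # stack holds (indent, key) for the enclosing keys
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        item = ITEM.match(line)
        if item:
            # List entry: only entries directly under a service's "volumes:" matter.
            if len(stack) >= 2 and stack[-1][1] == "volumes":
                spec = item.group(1).strip("'\"")
                parts = spec.split(":")  # source:target[:options]
                opts = parts[2].split(",") if len(parts) >= 3 else []
                if "U" in opts:  # U makes podman chown the host source path
                    findings.append((stack[-2][1], "volume-U", spec))
            continue
        key = KEY.match(line)
        if not key:
            continue
        indent, name, value = len(key.group(1)), key.group(2), key.group(3)
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave mappings that ended at this indentation
        stack.append((indent, name))
        if name == "userns" and len(stack) >= 2:
            findings.append((stack[-2][1], "userns-key", value))
    return findings


if __name__ == "__main__":
    for service, rule, detail in lint_compose(BEFORE):
        print(f"{service}: {rule}: {detail}")
```
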
