Volumes mounted in openssh-server container remains root-owned

LSIO Discussion Container Support
1

Hi,

I’m trying to get a volume which is newly created for the openssh-server container to be writeable as my user (uid=1001, gid=1001), but unfortunately the mount remains owned by root (0:0).

Is there something I can try to get this to be writeable as the user that I specify, save for going in as root and doing a chown?

              {
                    "Type": "volume",
                    "Name": "files",
                    "Source": "/var/lib/containers/user/podman/storage/volumes/files/_data",
                    "Destination": "/files",
                    "Driver": "local",
                    "Mode": "",
                    "Options": [
                         "nosuid",
                         "nodev",
                         "rbind"
                    ],
                    "RW": true,
                    "Propagation": "rprivate"
               }


openssh:/$ ls -ld /files
drwxr-xr-x 1 root root 0 Mar 13 21:31 files
openssh:/$ ls -l files
total 0
openssh:/$ touch files/foo
touch: cannot touch 'files/foo': Permission denied

$ whoami
myuser
$ id -a
uid=1001(myuser) gid=1001(myuser) groups=1001(myuser),1000(users)

 openssh:
    image: lscr.io/linuxserver/openssh-server:latest
    hostname: openssh
    restart: unless-stopped
    environment:
      - PUID=1001
      - PGID=1001
      - USER_NAME=myuser
    volumes:
      - files:/files
      - ssh-config:/config

  volumes:
    files:
2

That’s docker behavior. Docker by default runs as root and if you let docker create a folder, it creates them owned by root.

We fix the permissions on config folders during container start, but not any custom bind mount you may have set.

You can either precreate the folders on host as the correct user (so docker doesn’t create them as root) or you can chown them on host to match the PUID the container is using.

1 Like