Creating a new Stack makes directory owned as ROOT #173
Replies: 7 comments 8 replies
-
I noticed that as well, I tend to use PUID= and PGID=, would be nice to not have to keep chowning the compose folder and it's contents. |
Beta Was this translation helpful? Give feedback.
-
Just did a check and for me it's the group (PGID) that needs write permission to allow me to delete dir, when using NFS from OMV |
Beta Was this translation helpful? Give feedback.
-
Yes, please! Owning the files would make my life a lot easier! |
Beta Was this translation helpful? Give feedback.
-
That's a docker (compose) problem. Folders have the correct permissions if you create them first before running docker run/compose. If they don't exist yet, the docker daemon (which runs as root in your case) creates the folders for you and starts the containers afterwards. The fact that non-root user xyz is in the Docker group doesn't make a difference. Being in the Docker group and therefore being able to run docker commands without sudo only tells Linux "user xyz is allowed to talk to the docker socket", communicating with the root user who actually controls the docker daemon and does as xyz says, so to speak. So as long as the Dockge container itself is running as your desired user's UID and has access to the parent folders, Dockge could manage folder permissions. But my guess is this will not be the case for all your other containers. Easiest fix: Have the folders ready with correct permissions before starting the containers. |
Beta Was this translation helpful? Give feedback.
-
In my case, the dockge web interface creates a folder, compose.yaml and the .env file, with the "root:root" ownership, while this ownership is great for 'secrets' files, all other files/dirs could be created with my own "$PUID:$GUID". As it currently is, I have to access the console and change them manually every time (sudo chown $PUID:$GUID $folderpath -Rfv). It would be great if there was some option in the creation/editing menu to set these, and since every new container could be created using a different "$PUID:$GUID" every time, the default values could be defined per user in their respective 'global' configs, just like language currently is, but even if there wasn't any visible menu options in the web interface, just creating the environment variables PUID and GUID inside the dockge docker-compose.yaml to use as system defaults, would help greatly. |
Beta Was this translation helpful? Give feedback.
-
I think, when the processes inside the container would run as a user (e.g. PUID, PGID), then the files outside the container have the same permissions. Of course should the UID und GID have write permissions in the folder. Many of the linuxserver.io images work like this. On many systems the user, that starts the container, has the uid 1000 and the group id 1000 , which belongs to the first created user on the system. |
Beta Was this translation helpful? Give feedback.
-
Maybe creating the volume on the docker host and
and setting the container volume to be I haven't tried it yet, so this theory needs some verification. |
Beta Was this translation helpful? Give feedback.
-
🛡️ Security Policy
Description
When creating a stack with Dockge the directory on the host is owned by root
Ideally passing in the user param into a docker compose should be the fix for this
user: 1001:1001
👟 Reproduction steps
Create a stack using dockage
👀 Expected behavior
Folder should be owned by the user thats passed in (in this case 1001)
😓 Actual Behavior
Folder owned by root
Dockge Version
1.1.1
💻 Operating System and Arch
Arch x64
🌐 Browser
Any
🐋 Docker Version
No response
🟩 NodeJS Version
No response
📝 Relevant log output
No response
Beta Was this translation helpful? Give feedback.
All reactions