2023-08-05

Docker Bind Mounts

TLDR: Docker Bind Mounts maintain permissions from host in the container.

Context

I guess pretty much everyone knows when to use bind mounts and when to not. So this time for a certain website, I wanted the host machine to have access to the images uploaded on to the website. The code uses mkdir from nodejs to create the folder.

Actual Problem

All this works when you don’t have to deal with creating a separate user with less privileges according to the security practices on the readme dockerhub.This changes when you create an user with less privileges. Now this function call to mkdir will give you errors. You might think of fixing this by doing RUN chown ... but it is futile as this folder is bind mounted. Why? because bind mounts copy(?)/use the same folder permissions as the host.

Solution

The solution is to simply change the bind mounted folder permissions on the host machine.

So in my case since I was using an user with id 1001 in the container, I had to change the folder permissions on host machine using

sudo chown 1001:1001 -R uploads

Further Reading

• https://stackoverflow.com/a/50325808
• https://techflare.blog/permission-problems-in-bind-mount-in-docker-volume/