使用绑定安装,目录链的权限授予nobody:nogroup

时间:2019-06-21 10:19:04

标签: docker docker-compose

我的Dockerfile看起来像

FROM  ubuntu:xenial

Some RUN commands

WORKDIR /app

COPY . /app

ENV PYTHONPATH="/app/candis"

EXPOSE 5000 8888

CMD ["python3", "-m", "candis"]

我的docker-compose看起来像


x-defaults: &defaults
  restart: unless-stopped
services:
  db:
    <<: *defaults
    image: postgres
    networks:
      - db
    expose:
      - "5432"
    app:
    <<: *defaults
    build:
       context: .
       dockerfile: ./compose/development/flask/Dockerfile
    environment:
      CANDIS_DATABASE_HOST: db
      CANDIS_CACHE_HOST: cache
    networks:
      - db
      - cache
      - proxy

    depends_on:
      - db
    volumes:
      - .:/app
    ports:
      - "5000:5000"
      - "8888:8888"     
    cache:
    <<: *defaults
    image: redis
    networks:
      - cache
    proxy:
    <<: *defaults
    image: nginx
    depends_on:
      - app
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
    ports:
      - "4000:80"
    networks:
      - proxy
networks:
  db:
    driver: bridge
  cache:
    driver: bridge
  proxy:
    driver: bridge 

当我通过在卷中将其表示为.:/app来绑定挂载/ app目录时,它将被挂载在容器中,但是默认情况下它的权限不是root:root,而是被更改为nnobody:nogroup 。为什么?当我进入容器并执行ls -al时,每个文件的权限显示为nobody:nogroup。尽管我的用户是root用户,但他仍然无法在/ app目录中进行任何更改。

0 个答案:

没有答案