C
C#2w ago
bdcp

Docker non-root access volume for runtime image

I have this Dockerfile 
FROM mcr.microsoft.com/dotnet/runtime:8.0 AS base

USER app
RUN mkdir /home/app/data
WORKDIR /home/app

COPY ./publish .

ENTRYPOINT ["dotnet", "MyProject.dll"]
FROM mcr.microsoft.com/dotnet/runtime:8.0 AS base

USER app
RUN mkdir /home/app/data
WORKDIR /home/app

COPY ./publish .

ENTRYPOINT ["dotnet", "MyProject.dll"]
Something like File.WriteAllText("/home/app/data/file.txt", "lorem ipsum") get permission denied when the volume is mounted in linux 
 docker run --rm \
    -v ./testdata:/home/app/data \
    -e RUN_ON_STARTUP=true \
    $image_name 
 docker run --rm \
    -v ./testdata:/home/app/data \
    -e RUN_ON_STARTUP=true \
    $image_name
I've tried many things related to docker. I suspect it's how the dotnet/runtime image is setup might be the issue. But i'm not that advanced. Ideally, i would like to save the file to /data instead of /home/app/data
2 Replies
dreadfullydistinct
dreadfullydistinct2w ago
If you run ls -l on ./testdata what are the permissions on it? You may need to run chmod o+w to give write (w) access to others (o) Since the app user is not on your system Not a huge Linux permissions expert though
bdcp
bdcp2w ago
Yup that was it, i got helped on stackoverflow 
in your Dockerfile, so your application is running as the predefined app user which has UID 64198.

For you to be able to create files in the mounted directory, UID 64198 needs to be able to create files on the host in the ./testdata directory.

You can do that by giving public write access on the host using chmod o+w ./testdata.

If that's too permissive, you can create a user on the host with UID 64198 and give that user group access to the directory.
in your Dockerfile, so your application is running as the predefined app user which has UID 64198.

For you to be able to create files in the mounted directory, UID 64198 needs to be able to create files on the host in the ./testdata directory.

You can do that by giving public write access on the host using chmod o+w ./testdata.

If that's too permissive, you can create a user on the host with UID 64198 and give that user group access to the directory.
Want results from more Discord servers?
Add your server
More Posts
StateHasChanged not working in timers.Hello, am trying to make a countdown timer to a specific date, it all works but for some reason even✅ how to write web.config for IIS deployI wanted to deploy an ASP.NET Core application to IIS, but when I created the site and configured itThe generated C# executable does not run on empty computers.I have a project that is based on: * A backend, generated with c# with the .net6.0 SDK. * A frontenLibraryImport examples, especially on LinuxHas anyone got examples of usage of the newer LibraryImport infrastructure (?) as opposed to DllImpo✅ Namespace errorThe type or namespace name 'Game' does not exist in the namespace 'Rhythm_Flow' (are you missing an method with object lists errorHey all, new to C# and am trying to learn some basics, so im starting by making a trivia game, howev✅ The code doesnt work as intendedThe user is suppoed to write how many points(poäng) the user have, for example 100 points, and the phttps://github.com/Sudhanshu-GIT-00/.Net_Microservices.githai my problem is when we try the new register login the giving the error but the data is come in i migrating from sqlserver to mongo db but in login the page throeing an errror ExpressionNotSupportwhen i click on the login button it throws me an error ExpressionNotSupportedException: Expression nProblem while "dotnet ef migrations add Init"When I'm trying to add data base migration i get error "The seed entity for entity type 'Contract' c