Can I change owner of directory that is mounted on volume in IBM containers?

Question

I\'m trying to launch postgres in IBM containers. I have just created volume by:

$ cf ic volume create pgdata

Then mount it:

Answer 1

In IBM Containers, the user namespace is enabled for docker engine. When, the user namespace is enabled, the effective root inside the container is a non-root user out side the container process and NFS is not allowing the mapped non-root user to perform the chown operation on the volume inside the container. Please note that the volume pgdata is a NFS, this can verified by executing mount -t nfs4 from container.

You can try the workaround suggested for How can I fix the permissions using docker on a bluemix volume?

In this scenario it will be

1. Mount the Volume to `/mnt/pgdata` inside the container

cf ic run --volume pgdata:/mnt/pgdata -p 22 registry.ng.bluemix.net/ruimo/pgsql944-cli

2. Inside the container

2.1 Create "postgres" group and user    
groupadd --gid 1010 postgres
useradd --uid 1010 --gid 1010 -m --shell /bin/bash postgres

2.2 Add the user to group "root"
adduser postgres root
chmod 775 /mnt/pgdata

2.3 Create pgsql directory under bind-mount volume
su -c "mkdir -p /mnt/pgdata/pgsql" postgres
ln -sf /mnt/pgdata/pgsql /var/pgsql

2.2 Remove the user from group "root"
deluser postgres root
chmod 755 /mnt/pgdata

Answer 2

Here are 3 different but possible solutions:

1. Using a dockerfile and doing a chown before mounting the volume.
2. USER ROOT command in dockerfile before you do a chown.
3. Use --cap-add flag.

Answer 3

In your Dockerfile you can modify the permissions of a directory.

RUN chown postgres:postgres pgsql

Additionally when you ssh in you can modify the permissions of the directory by using sudo. sudo chown postgres:postgres pgsql