Permissions for Persistent Storage Volumes
Some of the Docker containers read/write data to persistent storage volumes. They read/write using the UID/GID of the entrypoint process in the container.
To allow for better access and administration of the files in these volumes, containers should ideally:
- Create files/directories with the owning group set to
- Use a umask of 007: grants read/write permission to the owner and the
- Set the setgid bit on directories (i.e.
The UID and GID of the container do not actually matter as long as the umask(2) of the container's process can be set.
LinuxServer.io containers allow setting the umask using the UMASK environment variable.
To ensure files are created with the servlets GID, the root directory of each volume should have the SetGID bit set. This will ensure that files and directories created within the volume inherit the GID of their parent directory.
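A host-side audit of a volume against the expectations above (owning group, umask 007, setgid on directories), as an added example that is not part of the original page. The function names are hypothetical, the sample tree is constructed in a temporary directory, and the volume root's current group stands in for the servlets GID; Linux setgid inheritance is assumed.

```python
import os
import stat
import tempfile

def audit_volume(root, gid):
    """Return sorted (relative path, problem) pairs for entries that break the policy."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlink mode bits are not meaningful on Linux
            rel = os.path.relpath(path, root)
            if st.st_gid != gid:
                findings.append((rel, "wrong group"))
            if stat.S_ISDIR(st.st_mode) and not st.st_mode & stat.S_ISGID:
                findings.append((rel, "setgid missing"))
            if st.st_mode & stat.S_IRWXO:
                findings.append((rel, "accessible to others"))
    return sorted(findings)

def demo():
    """Build a constructed sample volume and audit it."""
    root = tempfile.mkdtemp(prefix="volume-")
    gid = os.stat(root).st_gid  # assumption: stand-in for the shared group's GID
    os.chmod(root, 0o2770)      # setgid on the volume root
    old = os.umask(0o007)       # the umask the container's process would use
    try:
        # Written the way a well-behaved container would write.
        os.mkdir(os.path.join(root, "data"))
        open(os.path.join(root, "data", "db.sqlite"), "w").close()
        # Constructed violations: modes reset after creation.
        os.mkdir(os.path.join(root, "legacy"))
        notes = os.path.join(root, "legacy", "notes.txt")
        open(notes, "w").close()
        os.chmod(notes, 0o644)
        os.chmod(os.path.join(root, "legacy"), 0o755)  # also clears setgid
    finally:
        os.umask(old)
    return root, gid, audit_volume(root, gid)

if __name__ == "__main__":
    for rel, problem in demo()[2]:
        print(f"{rel}: {problem}")
```
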
Services can have their own users on the host, or they can run as root. The UID/GID of the container does not matter as long as the umask is set. If it is not possible to specify a umask, run the container using the servlets GID. If using a custom UID, add the user to the