Run docker containers as subscription user
Currently all containers are run as root user, however when mapping persistent volumes into subscription directories e.g. databases/config/logs, the UID that runs inside the containers are not linked to a UID outside, so containers that have restrictive file permissions (i.e. 600) in the persistent volumes, when subscription level actions are run e.g. backups, these files are not accessible by the subscription user.
Would be nice to specify a subscription user to run the docker container with (on docker cli it is possible to pass the user flag along with a UID) so that the resulting files are accessible by the subscription user correctly)
Martin Allen
shared this idea
Thank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
As an example of this we running eclipse mosquitto (MQTT broker) with the database, logs and config as a persistent volume in a subscription directory. However the container places restrictive file permissions on these files (600) and so backups cannot access these files when run as the subscription user, so they do not get backed up. It is possible to edit the file permissions for some files, but when new files are created they are not accessible.