Why Docker Creates Root‑Owned Files and How to Fix Permission Errors
This article explains why docker run creates directories owned by root and how a missing user specification causes permission denied errors for other applications. It then gives step‑by‑step commands to identify the UID/GID and run containers as the correct non‑root user.
Background
A batch‑processing job was deployed with Docker. After launch, other applications could not access the directories created by the Docker job because the files were owned by root.
Phenomenon
The job creates directories and files, but when another process tries to read or write them it receives a Permission denied error. Inspection shows the generated paths are owned by root even though the launch script was executed by a regular user.
Solution
Identify the Docker user flag
Docker runs containers as root by default. The -u / --user option of docker run allows specifying a UID (and optional GID) for the container process.
sudo docker run --help
Relevant excerpt:
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
Obtain the host UID and GID
Use the id command or inspect /etc/passwd to find the numeric identifiers of the user that should own the files.
UID: id -u (e.g., 1002)
GID: id -g (e.g., 1002)
Alternatively, view the entry in /etc/passwd:
cat /etc/passwd
Senior Brother's Insights
A public account focused on workplace, career growth, team management, and self-improvement. The author is the writer of books including 'SpringBoot Technology Insider' and 'Drools 8 Rule Engine: Core Technology and Practice'.
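The procedure described in the article (look up the host UID and GID, then pass them to docker run with -u / --user), as an added example that is not code from the original article. The image name batch-job:latest, the host directory and the /data mount point are placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. batch-job:latest, the host directory and /data are placeholders.
# Run it as the regular user: under sudo, id -u returns 0 (root).

# Print the invoking user's "uid:gid", as reported by id -u / id -g.
host_ids() {
    printf '%s:%s\n' "$(id -u)" "$(id -g)"
}

# List paths under directory $1 that are not owned by the invoking user,
# e.g. root-owned files left behind by an earlier container run.
foreign_owned() {
    find "$1" ! -user "$(id -u)" -print
}

# Print the docker run command for host directory $1 and image $2.
build_run_cmd() {
    dir=$(cd "$1" && pwd) || return 1
    printf 'docker run --rm --user %s -v %s:/data %s\n' \
        "$(host_ids)" "$dir" "$2"
}

# Check directory $1 for foreign-owned files, then run image $2 as the
# host user. DRY_RUN=1 (the default) only prints the command.
run_as_host_user() {
    leftovers=$(foreign_owned "$1") || return 1
    if [ -n "$leftovers" ]; then
        echo "not owned by uid $(id -u); fix with: sudo chown -R $(host_ids) $1" >&2
        echo "$leftovers" >&2
        return 1
    fi
    if [ "${DRY_RUN:-1}" = "1" ]; then
        build_run_cmd "$1" "$2"
    else
        dir=$(cd "$1" && pwd) || return 1
        docker run --rm --user "$(host_ids)" -v "$dir:/data" "$2"
    fi
}
```

A numeric UID passed to --user does not need a matching entry in the image's /etc/passwd, so the container process may have no user name inside the container.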
