Question Docker Permissions Question

4,289
1,469
NAS
DS4l8play, DS202j, DS3623xs+, DSM 8.025847-𝘣𝘦𝘵𝘢
I set up jlesage/docker-mkvtoolnix and have run into a confounding issue that seems permissions related.

One of the container volume mappings "/storage" is for where video files reside for editing. Initially I mapped /videos (the shared folder auto-created by Synology's Video Station package), however, when I opened the "storage" folder it was empty (no files/folders visible).

Next, I remapped the container's /storage to a subfolder under my shared folder /docker (the shared folder auto-created by Synology's Docker package), and files/folders were visible under the "storage" folder. But that's not where I want to edit my video files.

Lastly, I mapped the container's /storage folder to a shared folder I created a few weeks ago "/downloads". Again, no files/folders were visible.

I'm thinking this is a permissions issue of some sort, but it's not obvious to me. The Docker volume mappings are "rw" and there's nothing jumping out at me that distinguishes the shared folder /docker permissions from the other shared folders (/video /downloads).

Where should I look to find the issue?
 
I glanced at the documentation. That package does NOT use the more common PUID and PGID environment variables.

User/Group IDs

When using data volumes (-v flags), permissions issues can occur between the host and the container. For example, the user within the container may not exists on the host. This could prevent the host from properly accessing files and folders on the shared volume.


To avoid any problem, you can specify the user the application should run as.


This is done by passing the user ID and group ID to the container via the USER_ID and GROUP_ID environment variables.
 
Last edited:
If the image uses a restirected user, than docker allows to modify that users UID:GID, by starting a container with the -u option. The same is feasable in docker-compose deployment; the config item is user:.

On the shell use `stat /path/to/your/folder` to see the ownership and set those ID's in the -u option.
Containers rely on the unix permission only. Synology uses ACL's to configure permissions; those are typicaly ignored by containers.

Update: oh, now I see that the last line of Seaprobe's quote statess how permission mapping is done for this image, seems like you need to use the ENV's USER_ID and GROUP_ID instead.

Permission mapping is nothing docker provides, it is in the responsiblity of the image maintainer to implement it - that is if he wants to support it at all! If they implement it, it is up to them how the name the ENV variables they use to make it work. Typicaly an entrypoint script takes those values and applies them to the default restricted user inside the container.
 
seems like you need to use the ENV's USER_ID and GROUP_ID instead.
I'll try this, but I can tell you that running sonarr with my admin PGID/PUID has the same problem. In that case I gave up and put my videos under the shared folder "Docker" since they weren't seen under "Video". This is so puzzling.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

There must be already be some sort of dependency, as the deluge service joins the network namespace of the...
Replies
6
Views
598
Ok got this running.. But how do I specify the custom_user/password settings in the yaml-file? EDIT...
Replies
7
Views
868
For the heck of it, I just checked again in docker container, and it announced an update was available. I...
Replies
4
Views
1,022
  • Question
Do realize, that enabling any user to run docker containers is largely the same as giving that user full...
Replies
6
Views
1,614
Hello, I already have it configured perfectly with wireguard. I was looking at the Gluetun configuration...
Replies
4
Views
1,575
Thanks... I tried something similar with rsync. The docker volume lived in...
Replies
7
Views
1,757

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top