
I am trying to start a container with a read-only filesystem, but a specific folder (/app) needs to be world-writable.

```
# docker create -it --name=test \
     --read-only \
     --mount type=tmpfs,destination=/app,tmpfs-mode=1777 \
     --entrypoint /bin/bash \
     debian:latest
```

On the first container start, this works fine as expected.

```
# docker start test
test
# docker exec -it test bash
root@c6a9a58b7afe:/#
root@c6a9a58b7afe:/# ls -lrt / | grep app
drwxrwxrwt   2 root root   40 Aug 31 10:19 app
```

Then I stopped the container and started it again. This time, /app is no longer world writable.

```
root@c6a9a58b7afe:/# exit
exit
# docker stop test
test
# docker start test
test
# docker exec -it test bash
root@c6a9a58b7afe:/#  ls -lrt / | grep app
drwxr-xr-x   2 root root   40 Aug 31 10:20 app
root@c6a9a58b7afe:/#
```

Why is this difference seen between the first (drwxrwxrwt) and subsequent (drwxr-xr-x) container instances? How can I make this permanently world-writable?

m.divya.mohan
  • If you delete the container and run a new one, is it better? In most cases you shouldn't need `docker start`. – David Maze Aug 31 '21 at 11:04
  • @DavidMaze If I use 'docker stop' and 'docker rm' to delete container, and create new with 'docker create' this problem is not seen. I wanted to understand why this behavior happens with docker stop and start. Apart from this issue, docker stop/start is enough for my other use cases. – m.divya.mohan Aug 31 '21 at 13:01

0 Answers
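An added example, not part of the original question or its comments: a shell guard that a container entrypoint could call on every start to detect the mode change shown above (1777 becoming 755 on `/app`) and restore the requested mode, failing closed if it cannot. The function name `ensure_mode` is hypothetical, and the code assumes `stat -c` (GNU coreutils or BusyBox) and a process that owns the directory, as root does in the session above.

```shell
#!/bin/sh
# Added example: entrypoint guard for a scratch mount whose mode must stay
# fixed (here 1777: world-writable with the sticky bit, like /tmp).
#
# ensure_mode DIR WANT
#   prints "ok"            if DIR already has octal mode WANT
#   prints "repaired:OLD"  if the mode had drifted and was restored
#   returns 1 (message on stderr) if DIR is missing or cannot be repaired
ensure_mode() {
    dir=$1
    want=$2

    if [ ! -d "$dir" ]; then
        echo "ensure_mode: $dir is not a directory" >&2
        return 1
    fi

    have=$(stat -c '%a' "$dir") || return 1
    if [ "$have" = "$want" ]; then
        echo "ok"
        return 0
    fi

    # A tmpfs mount is writable even when the root filesystem is mounted
    # read-only, so the directory's owner can still change its mode.
    if ! chmod "$want" "$dir" 2>/dev/null; then
        echo "ensure_mode: cannot chmod $dir (mode is $have, want $want)" >&2
        return 1
    fi

    # Re-read the mode instead of trusting chmod's exit status alone.
    now=$(stat -c '%a' "$dir") || return 1
    if [ "$now" != "$want" ]; then
        echo "ensure_mode: $dir still has mode $now after chmod" >&2
        return 1
    fi
    echo "repaired:$have"
}

# Intended use inside an entrypoint script (assumption, not from the page):
#   ensure_mode /app 1777 >&2 || exit 1
#   exec "$@"
```

Because `docker start` runs the entrypoint again, the check is applied on each restart rather than only when the container is created.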