pgadmin4 icon indicating copy to clipboard operation
pgadmin4 copied to clipboard
verified publisher icon pgadmin-org

Docker folder permissions changed

Open 100lv opened this issue 2 years ago • 2 comments

Hi, I'm using PGAdmin to manage my postgres databases and just discovered a bit strange behavior - every time when container is recreated (due to upgrade) or docker service is restarted (this is really interesting) - permissions of the folder are "Reseted". This is an issue because I want to backup the folder of docker and as I'm running containers without root access - this is an issue. Workaround that I tried to perform is after initial creation of container - to add additional ACLs that grant read / write permissions to docker use - and then - my backup SW (running again in container) can backup data and when it's necessary - to restore it. The problem is that every time when docker service is restarted - permissions are restored and backup is not working. Also it will be very good if it's possible to run container with "custom" user.

100lv avatar Jan 04 '24 16:01 100lv

Hi @100lv,

Are you talking about which folders? In case of data directory (storage directory), it should not happen on docker restart. You can also mount an external volume for storage to avoid this from occurring.

Thanks.

khushboovashi avatar Jan 05 '24 11:01 khushboovashi

Hi @khushboovashi, So situation is following - I have a docker container with volume defined as follow: volumes: - $DOCKERDIR/pgadmin:/var/lib/pgadmin

(this is Docker compose notation).

I have a docker user with ID and GID - 1000 / 995. All other containers (including backup SW) are running with this user.

To grant them access to folder I'm using following commands:

# sudo setfacl -Rm user:docker:rwx ./pgadmin

# sudo setfacl -Rmd user:docker:rwx ./pgadmin

When I check the permissions:

getfacl pgadmin4.db

# file: pgadmin4.db

# owner: 5050

# group: root

user::rw-

user:docker:rwx

group::rwx

group:docker:rwx

mask::rwx

other::---

If I restart docker service, after the restart permissions are changed as follow:

sudo systemctl restart docker.service

check what is the situation:

getfacl pgadmin4.db

# file: pgadmin4.db

# owner: 5050

# group: root

user::rw-

user:docker:rwx #effective:---

group::rwx #effective:---

group:docker:rwx #effective:---

mask::---

other::---

Same happens if I recreate the container (stop / rm / up ) This doesn't happen if container is restarted by "docker compose restart pgadmin"

I don't have similar issues with any other container so I expect that may be there is a problem with this container. If you need more details - please ask me and if it's necessary - I can provide you with remote access.

100lv avatar Jan 05 '24 16:01 100lv