This repository has been archived by the owner on Jan 19, 2024. It is now read-only.
Fix cause of issues with shared files #34
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Synchronization of access rights to shared files between of the host and the container was based on a small hack where we create users with the same UID and GID on the host and in the container. Linux doesn't care of user names but only of id numbers so it considers users with the same ids as the same user. This mechanism worked well until namespaces mapping and rootless start were added to Docker. Since that moment these mechanisms interfere with each other and it causes the bugs. Docker Desktop works with userns-remap turned on only. I found that Docker Desktop doesn't use dockerd daemon at all. I started Docker Desktop and stopped the daemon but DUNE commands still work well. It seems Docker Desktop has builtin daemon which works in parallel with the dockerd daemon. It is very easy to confuse which system you are currently working with. It cause issues and misunderstandings. This fix removes the hack with creation in the container of a user with the same UID and GID as the host user. It allows Docker with turned on userns-remap correctly map UID and GID of a user from the container to a current host user. So all shared files get the UID and GID of a current host user.
dimas1185
approved these changes
Oct 21, 2022
larryk85
suggested changes
Oct 25, 2022
larryk85
approved these changes
Oct 25, 2022
This was referenced Oct 28, 2022
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Synchronization of access rights to shared files between of the host and the container was based on a small hack where we create users with the same UID and GID on the host and in the container. Linux doesn't care of user names but only of id numbers so it considers users with the same ids as the same user. This mechanism worked well until namespaces mapping and rootless start were added to Docker. Since that moment these mechanisms interfere with each other and it causes the bugs.
Docker Desktop works with userns-remap turned on only. I found that Docker Desktop doesn't use dockerd daemon at all. I started Docker Desktop and stopped the daemon but DUNE commands still work well. It seems Docker Desktop has builtin daemon which works in parallel with the dockerd daemon. It is very easy to confuse which system you are currently working with. It cause issues and misunderstandings.
This fix removes the hack with creation in the container of a user with the same UID and GID as the host user. It allows Docker with turned on userns-remap correctly map UID and GID of a user from the container to a current host user. So all shared files get the UID and GID of a current host user.