From 3320a61d04e3ef3b670ae7e886be75e7ea19f918 Mon Sep 17 00:00:00 2001 From: phlax Date: Tue, 21 Jul 2020 20:22:56 +0100 Subject: [PATCH] docs: note file permissions when using Docker (#12208) Add further info on file permissions to Docker docs. See #12112 Risk Level: very low Testing: n/a Docs Changes: yes Release Notes: n/a Signed-off-by: Ryan Northey Signed-off-by: scheler --- docs/root/start/start.rst | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/root/start/start.rst b/docs/root/start/start.rst index 07fea5347580..2d3e81951aff 100644 --- a/docs/root/start/start.rst +++ b/docs/root/start/start.rst @@ -179,6 +179,20 @@ You can then configure ``envoy`` to log to files in ``/var/log`` The default ``envoy`` ``uid`` and ``gid`` are ``101``. +The ``envoy`` user also needs to have permission to access any required configuration files mounted +into the container. + +If you are running in an environment with a strict ``umask`` setting, you may need to provide envoy with +access either by setting the ``uid`` or ``gid`` of the file, or by making the configuration file readable +by the envoy user. + +One method of doing this without changing any file permissions or running as root inside the container +is to start the container with the host user's ``uid``, for example: + +.. substitution-code-block:: none + + $ docker run -d --name envoy -e ENVOY_UID=`id -u` -p 9901:9901 -p 10000:10000 envoy:v1 + Sandboxes ---------