Dear Developer Community,
I have been trying to create a new volume for the flashdisk on an iMX6 running Torizon OS using the docker-compose.yml file, the directory does get created, however it is under root access as opposed to the user access meaning the firmware does not get access to use the directory. I have tried specifying the user in the docker-compose file and I have tried creating the directory in the Dockerfile with no luck.
Many Thanks,
Job
Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!
Did you like my answer?
Hello there!
Configuring volumes in your docker-compose.yml file is a crucial step in managing data persistence and access in your containers. Here’s a simple example to help you set up volumes with the correct structure:
version: "2.4"
services:
your-service:
volumes:
- "your-volume:/path/to/mount"
volumes:
your-volume:
To ensure proper user access to these volumes, follow these steps:
volumes section of your docker-compose.yml file.volumes directive to mount the volume to your service.The example above outlines the basic setup. While the documentation provides a good starting point, it doesn’t specifically cover setting user permissions for volumes. For more detailed guidance, you might find the following resources helpful:
If you need a general approach to handling volume permissions in Docker, feel free to ask! I’m here to help with any Torizon-specific solutions you might need.
Best regards,
Toradex AI Assistant.
Greetings @JobDerksen,
Could you provide the exact details of how you’re trying to create the new volume in the Docker compose file.
Typically if you are bind-mounting a volume directory from the host OS into the container. The permissions that directory had on the host are then transplanted into the container. If you are generating a completely fresh volume in the container, then a new directory gets created in the container filesystem with default root permissions. You could try to pre-make the directory in the container image with the correct permissions. That way when you attach the volume on container startup it should inherit the permissions of the pre-made directory. Something akin to the solution here: Change permissions for named volumes in Docker - Server Fault
That said it would still be appreciated if you could share what you’re doing exactly so it’s clearer what you’re trying to do.
Best Regards,
Jeremias
Hi @jeremias.tx
In the docker-compose file we have initiated the volume like so.
volumes:
- “/home/user-name/new_volume:/new_volume:rw”
This then gets mounted under root access.
I have also tried the solution you sent, but it does not seem to work I however am not sure if I’m to use Dockerfile.sdk or Dockerfile.debug (as I am only debugging the solution right now)
I did try using both the dockerfiles while also removing the volume from the compose file to see if that was causing the directory permissions to be over written, however this caused there to be no directory. To check for the directory I have been sshing into the iMX6 then checking for the folder and its permission, but I’m not certain if it only exists when the container is running.
Best Regards,
Job
In the docker-compose file we have initiated the volume like so.
volumes:
“/home/user-name/new_volume:/new_volume:rw”
Okay, so I understand this to mean you’re binding the directory /home/user-name/new_volume from the host filesystem to /new_volume inside the container filesystem. Does the path /home/user-name/new_volume already exist on the host filesystem prior to running your container?
If it does not, then when your container is starting it will create /home/user-name/new_volume on the host filesystem with root permissions. These permissions are then copied through the bind-mount volume into the container filesystem.
What you should do is create this path on the host with the permissions you want it to have in the container. I tested the following:
/home/torizon/test using the torizon user outside of the filesystem. Naturally this newly created directory is owned by the torizon user:torizon@verdin-imx8mp-06849059:~$ ls -l /home/torizon
total 8
drwxr-xr-x 2 torizon torizon 4096 May 1 17:41 test
/home/torizon/test:/test:rw/test has inherited the permissions/ownership of /home/torizon/test:torizon@82b3a57f22eb:/$ ls -l /
total 52
lrwxrwxrwx 1 root root 7 Jan 13 00:00 bin -> usr/bin
drwxr-xr-x 2 root root 4096 Dec 31 10:25 boot
drwxr-xr-x 5 root root 340 May 1 17:48 dev
drwxr-xr-x 1 root root 4096 May 1 17:48 etc
drwxr-xr-x 1 root root 4096 Jan 30 12:06 home
lrwxrwxrwx 1 root root 7 Jan 13 00:00 lib -> usr/lib
drwxr-xr-x 2 root root 4096 Jan 13 00:00 media
drwxr-xr-x 2 root root 4096 Jan 13 00:00 mnt
drwxr-xr-x 2 root root 4096 Jan 13 00:00 opt
dr-xr-xr-x 206 root root 0 May 1 17:48 proc
drwx------ 2 root root 4096 Jan 13 00:00 root
drwxr-xr-x 3 root root 4096 Jan 13 00:00 run
lrwxrwxrwx 1 root root 8 Jan 13 00:00 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Jan 13 00:00 srv
dr-xr-xr-x 12 root root 0 May 1 17:48 sys
drwxr-xr-x 2 torizon torizon 4096 May 1 17:41 test
drwxrwxrwt 2 root root 4096 Jan 13 00:00 tmp
drwxr-xr-x 1 root root 4096 Jan 13 00:00 usr
drwxr-xr-x 1 root root 4096 Jan 13 00:00 var
/test:torizon@c731310bf9f0:/$ touch /test/foo
torizon@c731310bf9f0:/$ ls -l /test
total 0
-rw-r--r-- 1 torizon torizon 0 May 1 17:49 foo
In summary, create the file-path on the host with the permissions and ownership you want before you run the container that bind-mounts the volume.
Best Regards,
Jeremias
Hi @jeremias.tx
I just want to say thank you for the help!
Is there a way to automate the process of creating the directory? Could there be a shell script which then creates the directory with the correct permissions if it is not present?
Best Regards,
Job
Is there a way to automate the process of creating the directory? Could there be a shell script which then creates the directory with the correct permissions if it is not present?
You could create a systemd service for this purpose: Basic Linux Commands | Toradex Developer Center
You can just have the service run mkdir -p <path to directory> or have it execute a shell script you made if you want something more advanced. The systemd service can then be captured using TorizonCore Builder so you have it in an image by default.
Best Regards,
Jeremias
Perfect, thank you so much for the help!