3:48 p.m.
On 2020-09-14 19:30, Dominic wrote:
Hello,
There may not be a good answer to this question, but I was
wondering if anyone has a suggestion. I'm using rootless podman
for local development environments for Node.js and PHP projects.
I can't wait to rebuild an image after each file is changed, so
I'm bind mounting my project's working directory into the
container so changes are reflected instantly. A consequence of
this is that all of the project files are owned by the root user
inside the container (since they are owned by my regular user
outside). This means that I need to run any commands as root in
the container in order to have access to the project files. That,
in itself, is not a big deal. The problem is that a lot of
software doesn't like to be run as root. I have run into problems
with:
- PHP-FPM requires a special flag to run as root and config changes
- WP-CLI requires a special flag added to any command to run as root
- Compiling software can fail as part of npm install (specifically with gulp-imagemin)
None of these issues are really show stoppers, but they do slow
down development, and each time I run into a new one it can take
time to debug.
Are there any workarounds that allow for fast development, the
user running in the container to not be root, and reasonable
security (e.g. I don't really want to chmod 777 all of my project
files)?
--
Thank you,
Dominic
Podman features a `--userns=keep-id` flag that will map your user
outside the container, to the same UID in the container - so if you
could convince PHP-FPM and other applications to run as your UID, you
should be able to work with files owned by your user without issue.
Thanks,
Matt Heon
_______________________________________________
Podman mailing list -- podman(a)lists.podman.io
To unsubscribe send an email to podman-leave(a)lists.podman.io