无法在具有 Docker windows 的卷上更改 files/folders 的权限
Can't change the permissions of files/folders on a volume with Docker windows
我试图在 Docker windows 的卷上更改 files/folders 的权限。但是权限没有变,出乎意料。
环境:
主持人:Windows10亲
Docker 版本 17.09.0-ce,构建 afdb6d4
重现步骤:
- 使用下面的 Docker 文件构建图像。
- 运行 一个有体积的容器。
- 更改files/folders的权限。
Docker文件:
FROM microsoft/windowsservercore
CMD [ "powershell" ]
输出:
D:\data\docker\sample>docker build -t sample .
Sending build context to Docker daemon 1.272GB
Step 1/2 : FROM microsoft/windowsservercore
---> 2cddde20d95d
Step 2/2 : CMD powershell
---> Running in dd207fe8b262
---> e0203df155cd
Removing intermediate container dd207fe8b262
Successfully built e0203df155cd
Successfully tagged sample:latest
D:\data\docker\sample>docker run -d --name sample --mount type=volume,source=sample_volume,target=C:/data sample ping -t localhost
5a21f41d63de321e912ec3b99010a062d2e04d5f99145c6cd8bf649d3fbbebf1
D:\data\docker\sample>docker exec -i sample cmd
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\>cd c:\data
cd c:\data
c:\data>MKDIR foo
MKDIR foo
c:\data>ECHO hoge > foo\hoge.txt
ECHO hoge > foo\hoge.txt
c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
BUILTIN\Administrators:(OI)(CI)(ID)F
CREATOR OWNER:(OI)(CI)(IO)(ID)F
BUILTIN\Users:(OI)(CI)(ID)R
BUILTIN\Users:(CI)(ID)(special access:)
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_WRITE_EA
FILE_WRITE_ATTRIBUTES
c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
BUILTIN\Administrators:(ID)F
BUILTIN\Users:(ID)R
c:\data>cacls foo /T /E /G everyone:F
cacls foo /T /E /G everyone:F
processed dir: c:\data\foo
processed file: c:\data\foo\hoge.txt
c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
BUILTIN\Administrators:(OI)(CI)(ID)F
CREATOR OWNER:(OI)(CI)(IO)(ID)F
BUILTIN\Users:(OI)(CI)(ID)R
BUILTIN\Users:(CI)(ID)(special access:)
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_WRITE_EA
FILE_WRITE_ATTRIBUTES
c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
BUILTIN\Administrators:(ID)F
BUILTIN\Users:(ID)R
我发现一份文件说 files/folders 对卷的权限不能在 Linux 容器上更改。但是我找不到关于 Windows 容器的文档。 Windows 容器是否支持 file/folders 对卷 在 Windows 容器 上的权限更改?
Link:
从您提到的 link 来看,docker for windows 似乎不支持更改文件权限。
Docker for Windows currrently implements host-mounted volumes based on
the Microsoft SMB protocol, which does not support fine-grained, chmod
control over these permissions.
我试图在 Docker windows 的卷上更改 files/folders 的权限。但是权限没有变,出乎意料。
环境: 主持人:Windows10亲 Docker 版本 17.09.0-ce,构建 afdb6d4
重现步骤:
- 使用下面的 Docker 文件构建图像。
- 运行 一个有体积的容器。
- 更改files/folders的权限。
Docker文件:
FROM microsoft/windowsservercore
CMD [ "powershell" ]
输出:
D:\data\docker\sample>docker build -t sample .
Sending build context to Docker daemon 1.272GB
Step 1/2 : FROM microsoft/windowsservercore
---> 2cddde20d95d
Step 2/2 : CMD powershell
---> Running in dd207fe8b262
---> e0203df155cd
Removing intermediate container dd207fe8b262
Successfully built e0203df155cd
Successfully tagged sample:latest
D:\data\docker\sample>docker run -d --name sample --mount type=volume,source=sample_volume,target=C:/data sample ping -t localhost
5a21f41d63de321e912ec3b99010a062d2e04d5f99145c6cd8bf649d3fbbebf1
D:\data\docker\sample>docker exec -i sample cmd
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\>cd c:\data
cd c:\data
c:\data>MKDIR foo
MKDIR foo
c:\data>ECHO hoge > foo\hoge.txt
ECHO hoge > foo\hoge.txt
c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
BUILTIN\Administrators:(OI)(CI)(ID)F
CREATOR OWNER:(OI)(CI)(IO)(ID)F
BUILTIN\Users:(OI)(CI)(ID)R
BUILTIN\Users:(CI)(ID)(special access:)
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_WRITE_EA
FILE_WRITE_ATTRIBUTES
c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
BUILTIN\Administrators:(ID)F
BUILTIN\Users:(ID)R
c:\data>cacls foo /T /E /G everyone:F
cacls foo /T /E /G everyone:F
processed dir: c:\data\foo
processed file: c:\data\foo\hoge.txt
c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
BUILTIN\Administrators:(OI)(CI)(ID)F
CREATOR OWNER:(OI)(CI)(IO)(ID)F
BUILTIN\Users:(OI)(CI)(ID)R
BUILTIN\Users:(CI)(ID)(special access:)
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_WRITE_EA
FILE_WRITE_ATTRIBUTES
c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
BUILTIN\Administrators:(ID)F
BUILTIN\Users:(ID)R
我发现一份文件说 files/folders 对卷的权限不能在 Linux 容器上更改。但是我找不到关于 Windows 容器的文档。 Windows 容器是否支持 file/folders 对卷 在 Windows 容器 上的权限更改?
Link:
从您提到的 link 来看,docker for windows 似乎不支持更改文件权限。
Docker for Windows currrently implements host-mounted volumes based on the Microsoft SMB protocol, which does not support fine-grained, chmod control over these permissions.