Is this how we let non-root users write to mounted "volumes"?

2 files changed, 9 insertions, 3 deletions

diff --git a/packaging/docker/catlfish-dev/Dockerfile b/packaging/docker/catlfish-dev/Dockerfile
index b1192cf..c9cf96c 100644
--- a/packaging/docker/catlfish-dev/Dockerfile
+++ b/packaging/docker/catlfish-dev/Dockerfile
@@ -35,14 +35,16 @@ RUN git clone https://git.nordu.net/plop.git
 RUN make -C plop
 
 RUN git clone https://git.nordu.net/catlfish.git
-RUN make -C catlfish all
-RUN make -C catlfish PREFIX=/usr/local release
+RUN make -C catlfish PREFIX=/usr/local all release
 
 # Config dir and database dir are mounted from host using `-v' to
 # 'docker run'.
-VOLUME /usr/local/catlfish
+VOLUME /usr/local/etc/catlfish
 VOLUME /var/local/db/catlfish
 
+RUN chgrp daemon /var/local/db/catlfish
+RUN chmod 775 /var/local/db/catlfish
+
 # Working directory is where catlfish.config is. We want to run in
 # /var/run/catlfish and not in /usr/local/etc/catlfish, so symlink.
 RUN mkdir -p /var/run/catlfish/erlang_log /var/run/catlfish/sasl_log
diff --git a/packaging/docker/catlfish-merge/Dockerfile b/packaging/docker/catlfish-merge/Dockerfile
index 668ee0c..23d2003 100644
--- a/packaging/docker/catlfish-merge/Dockerfile
+++ b/packaging/docker/catlfish-merge/Dockerfile
@@ -28,6 +28,10 @@ RUN chgrp daemon /var/run/catlfish
 RUN chmod 775 /var/run/catlfish
 WORKDIR /var/run/catlfish
 
+#
+RUN chgrp daemon /var/local/db/catlfish-merge
+RUN chmod 775 /var/local/db/catlfish-merge
+
 # Don't run as root.
 USER daemon