How do I create a user with write permissions using docker-compose? about sftp HOT 10 CLOSED

You have to give the sftp user UID and GID that match file and directory permissions on your mounted volumes.

Say your mounted volume is a directory owned by a user with UID 1000. Then you must set UID to 1000, if you want write permission.

from sftp.

command: foo:pass:::upload
i tried this in docker-compose and it is working without any permission erros.

from sftp.

@atmoz Thanks for the response.

I think I understand but I'm still getting the same permission denied error.

In my docker-compose.yml i have this:

sftp:
  image: atmoz/sftp
  volumes:
    - "./test/sftp/mock_server:/home/jesse/share"
  ports:
    - "2222:22"
  command: jesse:jesse:502

And locally when I view who owns the directory mock_server it's my user and when I run id -u I see that my user's UID is 502.

Can you elaborate or provide any clarification?

Thanks in advance.

from sftp.

What operation are you trying to do? Are you doing it in the "share" directory? What are the permissions on ./test/sftp/mock_server?

Try exec-ing into the container (docker exec -it <container-id> bash) and create a test-folder and chown it to 502. Can your jesse user change it's content?

from sftp.

@atmoz thanks for the reply. I was able to resolve my issue via the last line of your previous message. Rather than attempting to set the sftp user to the same UID as my local user who owned the share folder, I ssh-ed into the sftp docker container and viewed the info for the folder which was owned by a user with a UID of 1000. So then in the docker-compose.yml I set my user's UID to 1000 and all worked well. I was able to write and delete files as well as read them.

Thanks for the help.

from sftp.

Is there a way to do this programmatically? I want to deploy my sftp server to a docker swarm. I'd like it if I can just 1) create a key pair for a user 2) create a couple lines in a stack.yml file for the same user and deploy my code and be done. Ideally, I want to have the folders the users' files end up on be a shared aws EFS volume that other services can also mount.

Is there a way to determine UID at dev time, such that I don't have to inspect the folder structure in the container?

Thanks.

from sftp.

This is only slightly related, but after changing the user ID in the config, it's important that one runs:

docker-compose stop
docker-compose up -d

If you do docker-compose restart, it will not update the config, but instead use the existing container. See the docs for more info.

from sftp.

Is there a way to determine UID at dev time, such that I don't have to inspect the folder structure in the container?

I'd also be interested if anyone has an answer to this

from sftp.

I ended up just mounting my users.conf file as a docker volume. So, I just edit the file at dev time when I want to add a new user.

from sftp.

@atmoz thanks for the reply. I was able to resolve my issue via the last line of your previous message. Rather than attempting to set the sftp user to the same UID as my local user who owned the share folder, I ssh-ed into the sftp docker container and viewed the info for the folder which was owned by a user with a UID of 1000. So then in the docker-compose.yml I set my user's UID to 1000 and all worked well. I was able to write and delete files as well as read them.

Thanks for the help.

Can you share your docker-compose.yaml file?

from sftp.