我用的是vscode devcontainers
我的环境、设置和执行如下:devcontainer@0.35.0
、Docker version 23.0.4, build f480fb1
、Docker Compose version v2.17.2
、ubuntu 20
.devcontainer
|- .devcontainer.json
|- Dockerfile
. devcontainer.json:
{
"name": "Node.js",
"build": {
"dockerfile": "Dockerfile",
},
"settings": {
"terminal.integrated.defaultProfile.linux": "bash",
"terminal.integrated.profiles.linux": {
"bash": {
"path": "/bin/bash",
"icon": "terminal-bash",
},
},
},
"extensions": [
"dbaeumer.vscode-eslint"
],
}
Dockerfile:
FROM mcr.microsoft.com/devcontainers/typescript-node:20
$ devcontainer build .
[12 ms] @devcontainers/cli 0.35.0. Node.js v16.14.2. linux 5.15.0-41-generic x64.
[519 ms] Start: Run: docker buildx build --load --build-arg BUILDKIT_INLINE_CACHE=1 -f /tmp/devcontainercli-craig/container-features/0.35.0-1682146167065/Dockerfile-with-features -t vsc-testdevc-badaeb5eab5ce3c45f2eb0d49d69644c94fb162ab4a701e8569eeb7219cdbf07 --target dev_containers_target_stage --build-arg _DEV_CONTAINERS_BASE_IMAGE=dev_container_auto_added_stage_label /home/craig/testDevc/.devcontainer
[+] Building 0.1s (6/6) FINISHED
=> [internal] load build definition from Dockerfile-with-features 0.0s
=> => transferring dockerfile: 1.38kB 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for mcr.microsoft.com/devcontainers/typescri 0.1s
=> CACHED [dev_container_auto_added_stage_label 1/1] FROM mcr.microsoft. 0.0s
=> preparing layers for inline cache 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:0fa55cc0ebea427319bfb7cb68823433bc84e04ebb016 0.0s
=> => naming to docker.io/library/vsc-testdevc-badaeb5eab5ce3c45f2eb0d49 0.0s
{"outcome":"success","imageName":["vsc-testdevc-badaeb5eab5ce3c45f2eb0d49d69644c94fb162ab4a701e8569eeb7219cdbf07"]}
$ devcontainer open
[229 ms] @devcontainers/cli 0.35.0. Node.js v16.14.2. linux 5.15.0-41-generic x64.
从容器内的vscode终端
node ➜ /workspaces/testDevc $ ls -al
total 12
drwxrwxr-x 3 root root 4096 Apr 22 06:49 .
drwxr-xr-x 3 root root 4096 Apr 22 06:49 ..
drwxrwxr-x 2 root root 4096 Apr 22 06:49 .devcontainer
node ➜ /workspaces/testDevc $ ls -an
total 16
drwxrwxr-x 3 0 0 4096 Apr 22 07:11 .
drwxr-xr-x 3 0 0 4096 Apr 22 06:49 ..
drwxrwxr-x 2 0 0 4096 Apr 22 06:49 .devcontainer
node ➜ /workspaces/testDevc $ whoami
node
node ➜ /workspaces/testDevc $ id
uid=1000(node) gid=1000(node) groups=1000(node),998(nvm),999(npm)
node ➜ /workspaces/testDevc $ groups
node nvm npm
node ➜ /workspaces/testDevc $ cat > test.txt
bash: test.txt: Permission denied
node ➜ /workspaces/testDevc $
从集装箱外的终端:
craig@desk:0:~/testDevc$ ls -al
total 16
drwxrwxr-x 3 craig craig 4096 Apr 22 00:11 .
drwxr-xr-x 55 craig craig 4096 Apr 21 23:48 ..
drwxrwxr-x 2 craig craig 4096 Apr 21 23:49 .devcontainer
craig@desk:0:~/testDevc$ whoami
craig
craig@desk:0:~/testDevc$ id
uid=1000(craig) gid=1000(craig) groups=1000(craig),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),120(lpadmin),131(lxd),132(sambashare),255(common),998(docker),1001(craig1001)
craig@desk:0:~/testDevc$ cat > test2.txt
hello
craig@desk:0:~/testDevc$ cat test2.txt
hello
可以看到,主机上的用户craig
和容器上的用户node
共享相同的uid。我认为这足以确保node
能够写文件。
我错过了什么?会不会是因为主机是ubuntu linux而不是WSL?
1条答案
按热度按时间83qze16e1#
1.摘要
这解释了如何使
devcontainer
创建的容器和主机都能够在同一个挂载目录上写入文件。1 -在容器配置中,Dockerfile被修改,以便在写入时设置组写入权限标志。
2 -在主机端,首先创建与容器组匹配的新组,并将主机用户添加到该组。
3 -然后,设置开发目录和文件权限标志。
将这一行添加到。devcountainer/Dockerfile:
RUN su node -c "echo 'umask 0002' >> /home/node/.bashrc"
例如,这是一个工作。devcountainer/Dockerfile:
1.在主机上添加组
在ubuntu 20主机的情况下,容器上用户拥有的文件的uid被观察到为100999。这可能因系统而异。
在主机上创建一个gid为100999的组,并将主机用户添加到该组。必须注销并重新登录才能生效。
1.设置主机开发目录权限