无法使用 Docker windows 更改卷上文件/文件夹的权限

Question

无法使用 Docker windows 更改卷上文件/文件夹的权限

nod*_*hip 2 windows docker docker-for-windows

我尝试使用 Docker windows 更改卷上文件/文件夹的权限。但出乎意料的是，权限没有改变。

环境：主机：Windows 10 Pro Docker 版本 17.09.0-ce，构建 afdb6d4

重现步骤：

使用下面的 Dockerfile 构建镜像。
运行具有卷的容器。
更改文件/文件夹的权限。

Dockerfile：

FROM microsoft/windowsservercore
CMD [ "powershell" ]

Run Code Online (Sandbox Code Playgroud)

输出：

D:\data\docker\sample>docker build -t sample .
Sending build context to Docker daemon  1.272GB
Step 1/2 : FROM microsoft/windowsservercore
 ---> 2cddde20d95d
Step 2/2 : CMD powershell
 ---> Running in dd207fe8b262
 ---> e0203df155cd
Removing intermediate container dd207fe8b262
Successfully built e0203df155cd
Successfully tagged sample:latest

D:\data\docker\sample>docker run -d --name sample --mount type=volume,source=sample_volume,target=C:/data sample ping -t localhost
5a21f41d63de321e912ec3b99010a062d2e04d5f99145c6cd8bf649d3fbbebf1

D:\data\docker\sample>docker exec -i sample cmd
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.

C:\>cd c:\data
cd c:\data

c:\data>MKDIR foo
MKDIR foo

c:\data>ECHO hoge > foo\hoge.txt
ECHO hoge > foo\hoge.txt

c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
            BUILTIN\Administrators:(OI)(CI)(ID)F
            CREATOR OWNER:(OI)(CI)(IO)(ID)F
            BUILTIN\Users:(OI)(CI)(ID)R
            BUILTIN\Users:(CI)(ID)(special access:)
                                  FILE_WRITE_DATA
                                  FILE_APPEND_DATA
                                  FILE_WRITE_EA
                                  FILE_WRITE_ATTRIBUTES



c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
                     BUILTIN\Administrators:(ID)F
                     BUILTIN\Users:(ID)R


c:\data>cacls foo /T /E /G everyone:F
cacls foo /T /E /G everyone:F
processed dir: c:\data\foo
processed file: c:\data\foo\hoge.txt

c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
            BUILTIN\Administrators:(OI)(CI)(ID)F
            CREATOR OWNER:(OI)(CI)(IO)(ID)F
            BUILTIN\Users:(OI)(CI)(ID)R
            BUILTIN\Users:(CI)(ID)(special access:)
                                  FILE_WRITE_DATA
                                  FILE_APPEND_DATA
                                  FILE_WRITE_EA
                                  FILE_WRITE_ATTRIBUTES



c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
                     BUILTIN\Administrators:(ID)F
                     BUILTIN\Users:(ID)R

Run Code Online (Sandbox Code Playgroud)

我发现一个文档说在 Linux 容器上无法更改卷上文件/文件夹的权限。但我找不到有关 Windows 容器的文档。Windows 容器是否支持Windows 容器上卷上的文件/文件夹的权限更改？

关联：

日志和故障排除 | Docker 文档https://docs.docker.com/docker-for-windows/troubleshoot/#permissions-errors-on-data-directories-for-shared-volumes

Answer 1

Ayu*_*hya 8

从您提到的相关链接来看，Windows 版 docker 似乎不支持更改文件权限。

Docker for Windows 目前实现基于 Microsoft SMB 协议的主机安装卷，该协议不支持对这些权限进行细粒度的 chmod 控制。

归档时间：	8 年前
查看次数：	7163 次
最近记录：	8 年前