Platform Differences

Know about the platform differences you can face and how to cope with them.

We'll cover the following

Although Docker strives for complete platform independence, there is at least one notable way it differs across platforms. Let’s take a quick look and see what the deal is.

File ownership and permissions

There are some subtle differences when it comes to how file ownership and permissions are handled on different Docker platforms (Mac, Linux, and Windows). These differences can cause a slight issue when you write files to a mounted volume from inside a container.

The issue stems from the fact that different user accounts are usually used inside and outside a container. Typically, you use your normal user account on your machine, but the default user is the container’s root account inside a container. This means that the root user owns files created inside the container. When you exit the container, the question is, will you be able to modify these files that are owned by the root? The answer is slightly different for each platform.

Windows

On Docker for Windows, files created inside the container have file permissions that allow them to be modified by anyone (the equivalent of Unix file permission 777). This means there is no issue with using and modifying the files outside the container.

Mac

Docker for Mac uses its own separate file-sharing system called sxfs. It does some trickery to make it seem like the mounted files are owned by whichever user in the container accesses/creates them. However, in reality, the files on your local filesystem are owned by whichever macOS user account owns them.

In practice, this means that mounted files are readable and writable both inside and outside the container without having to modify file ownership.

Linux

On Linux, there is no magic or trickery to insulate you from the file ownership differences between the inside container and outside container on your local machine. If files inside the container are owned by root, then outside the container, they are still owned by root. We always have to do something to ensure files generated inside our container are editable by us outside the container.

We can take one of two approaches:

  1. Use the --user "$(id -u):$(id -g)" option, which runs the command with your local user’s ID and group ID, for example:

    $ docker-compose exec --user "$(id -u):$(id -g)" web \
    bin/rails generate controller welcome index
    
  2. chown the files by running the following from your Rails root:

    $ sudo chown <your_user>:<your_group> -R .
    

The latter seems the most straightforward. To save on typing, you could even create a Rake task or shell command alias.

Get hands-on with 1400+ tech skills courses.