I want to run Postgres in podman using a local volume to store Postgres data. When using "podman only" the setup is flawless; when using podman-compose, the uid/gid the container is running with differs from the uid/gid the volume is created with, so access does not work.
I am on Windows 11, using WSL2. Versions are:
$ podman-compose version
podman-compose version: 1.0.7
['podman', '--version', '']
using podman version: 4.8.1
podman-compose version 1.0.7
$ podman --version
podman version 4.8.1
It all works fine when I use:
podman volume create pu-postgres-vol --driver=local
podman pod create --name pu-postgres-pod -p 9876:80 -p 5432:5432
podman run --name pu-delivery-order --pod=pu-postgres-pod -v pu-postgres-vol:/var/lib/postgresql/data -e POSTGRES_DB=delivery-order -e POSTGRES_HOST_AUTH_METHOD=trust -e POSTGRES_USER=A_USER_ID -e POSTGRES_PASSWORD=A_PASSWD -d docker.io/postgres:latest
... ps -ef on the WSL2 container shows that postgres operates under the dynamic (?) uid 525286:
525286 2018 2016 0 10:46 ? 00:00:00 postgres
525286 2076 2018 0 10:46 ? 00:00:00 postgres: checkpointer
525286 2077 2018 0 10:46 ? 00:00:00 postgres: background writer
525286 2079 2018 0 10:46 ? 00:00:00 postgres: walwriter
525286 2080 2018 0 10:46 ? 00:00:00 postgres: autovacuum launcher
525286 2081 2018 0 10:46 ? 00:00:00 postgres: logical replication launcher
... and the directory also belongs to uid 525286:
$ ls -al /home/user/.local/share/containers/storage/volumes/pu-postgres-vol/
total 12
drwx------ 3 user user 4096 Dec 21 10:45 .
drwxrwxrwx 5 user user 4096 Dec 21 10:45 ..
drwx------ 19 525286 525286 4096 Dec 21 10:46 _data
Things break when I use podman-compose. This is my compose file:
services:
  pu-delivery-order-postgres:
    container_name: pu-delivery-order-postgres
    image: postgres:latest
    environment:
      - POSTGRES_USER=${POSTGRES_PUdeliveryOrder_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PUdeliveryOrder_PW}
      - POSTGRES_DB=${POSTGRES_PUdeliveryOrder_DB}
    ports:
      - "${POSTGRES_PUdeliveryOrder_PORT}:5432"
    volumes:
      - pu-delivery-order-postgres-data:/var/lib/postgresql/data
    restart: always
# ----- VOLUMES FOR STORAGE -----
volumes:
  pu-delivery-order-postgres-data:
    driver: local
    driver_opts:
      size: "25MB"
This exact configuration results in:
Error: mounting volume podman-infrastructure-local_pu-delivery-order-postgres-data for container eefe22617dfd5f50a597822693d054c64a71f0e297be3ec12fe0891a4496f61a: mount: /home/user/.local/share/containers/storage/volumes/podman-infrastructure-local_pu-delivery-order-postgres-data/_data: permission denied.
The problem seems to be that the container uid is a dynamic one:
$ ps -ef
...
525286 1393 1386 0 10:44 ? 00:00:00 postgres
525286 1462 1393 0 10:44 ? 00:00:00 postgres: checkpointer
525286 1463 1393 0 10:44 ? 00:00:00 postgres: background writer
525286 1465 1393 0 10:44 ? 00:00:00 postgres: walwriter
525286 1466 1393 0 10:44 ? 00:00:00 postgres: autovacuum launcher
525286 1467 1393 0 10:44 ? 00:00:00 postgres: logical replication launcher
... while the volume is created by docker-compose like this:
$ ls -al /home/user/.local/share/containers/storage/volumes/
total 20
drwxrwxrwx 5 user user 4096 Dec 21 12:42 .
drwx------ 10 user user 4096 Dec 21 12:42 ..
drwx------ 3 user user 4096 Dec 21 12:42 podman-infrastructure-local_pu-delivery-order-postgres-data
I am new to podman and have limited knowledge about container and Linux tech. However, I understand that a mismatch of owner and group id and ownership between a process and a volume causes problems in Linux.
I tried every way I could find or imagine to play with userns mappings:
  pu-delivery-order-postgres:
    container_name: pu-delivery-order-postgres
    image: postgres:latest
    # userns_mode: "host"
    # user: "1000:1000"
    # userns_mode: "keep-id:uid=999,gid=999"
    # gidmap: "1000:999"
    # uidmap: "1000:999"
... but could not fix the issue.
I need help to either run the container with a different uid or fix ownership of the volume. Thank you for your help!
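The uid 525286 in the `ps` and `ls` output above is the kind of value a rootless user-namespace mapping produces for an in-container uid; this added example (not part of the original post) translates uids in both directions using the `/proc/<pid>/uid_map` format. The sample map is constructed: host uid 1000 for `user`, a subordinate range starting at 524288, and uid 999 for the image's postgres user are assumptions chosen to be consistent with the output shown.

```shell
#!/bin/sh
# Added illustration, not from the original post.
# Constructed sample in /proc/<pid>/uid_map format:
#   <first uid inside namespace> <first uid on host> <range length>
# Assumed values: host user uid 1000, subordinate range starting at 524288.
# On a real system, read the map with: podman unshare cat /proc/self/uid_map
SAMPLE_UID_MAP='0 1000 1
1 524288 65536'

# container_to_host UID [MAP]: host uid that backs an in-container uid.
container_to_host() {
    printf '%s\n' "${2:-$SAMPLE_UID_MAP}" | awk -v id="$1" '
        NF == 3 && id >= $1 && id < $1 + $3 { print $2 + (id - $1); hit = 1; exit }
        END { if (!hit) exit 1 }'
}

# host_to_container UID [MAP]: in-container uid a host uid appears as.
# Fails (status 1) when the host uid is not mapped into the namespace at all.
host_to_container() {
    printf '%s\n' "${2:-$SAMPLE_UID_MAP}" | awk -v id="$1" '
        NF == 3 && id >= $2 && id < $2 + $3 { print $1 + (id - $2); hit = 1; exit }
        END { if (!hit) exit 1 }'
}

# uid 999 is assumed to be the postgres user inside the image.
echo "container uid 999 -> host uid $(container_to_host 999)"
echo "host uid 525286 -> container uid $(host_to_container 525286)"
echo "host uid 1000 -> container uid $(host_to_container 1000)"
```

Under these assumptions, a directory owned by `user` on the host appears as owned by uid 0 inside the container, while files written by the container's uid 999 show up as 525286 on the host.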