无法使用Docker窗口更改卷上文件/文件夹的权限

Question

我尝试使用Docker窗口更改卷上文件/文件夹的权限。但意外的是，权限没有改变。

环境： 主持人：Windows 10专业版 Docker版本17.09.0-ce，构建afdb6d4

重现步骤：

1. 使用下面的Dockerfile构建图像。
2. 使用卷运行容器。
3. 更改文件/文件夹的权限。

Dockerfile：

FROM microsoft/windowsservercore
CMD [ "powershell" ]

输出：

D:\data\docker\sample>docker build -t sample .
Sending build context to Docker daemon  1.272GB
Step 1/2 : FROM microsoft/windowsservercore
 ---> 2cddde20d95d
Step 2/2 : CMD powershell
 ---> Running in dd207fe8b262
 ---> e0203df155cd
Removing intermediate container dd207fe8b262
Successfully built e0203df155cd
Successfully tagged sample:latest

D:\data\docker\sample>docker run -d --name sample --mount type=volume,source=sample_volume,target=C:/data sample ping -t localhost
5a21f41d63de321e912ec3b99010a062d2e04d5f99145c6cd8bf649d3fbbebf1

D:\data\docker\sample>docker exec -i sample cmd
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.

C:\>cd c:\data
cd c:\data

c:\data>MKDIR foo
MKDIR foo

c:\data>ECHO hoge > foo\hoge.txt
ECHO hoge > foo\hoge.txt

c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
            BUILTIN\Administrators:(OI)(CI)(ID)F
            CREATOR OWNER:(OI)(CI)(IO)(ID)F
            BUILTIN\Users:(OI)(CI)(ID)R
            BUILTIN\Users:(CI)(ID)(special access:)
                                  FILE_WRITE_DATA
                                  FILE_APPEND_DATA
                                  FILE_WRITE_EA
                                  FILE_WRITE_ATTRIBUTES



c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
                     BUILTIN\Administrators:(ID)F
                     BUILTIN\Users:(ID)R


c:\data>cacls foo /T /E /G everyone:F
cacls foo /T /E /G everyone:F
processed dir: c:\data\foo
processed file: c:\data\foo\hoge.txt

c:\data>cacls foo
cacls foo
c:\data\foo NT AUTHORITY\SYSTEM:(OI)(CI)(ID)F
            BUILTIN\Administrators:(OI)(CI)(ID)F
            CREATOR OWNER:(OI)(CI)(IO)(ID)F
            BUILTIN\Users:(OI)(CI)(ID)R
            BUILTIN\Users:(CI)(ID)(special access:)
                                  FILE_WRITE_DATA
                                  FILE_APPEND_DATA
                                  FILE_WRITE_EA
                                  FILE_WRITE_ATTRIBUTES



c:\data>cacls foo\hoge.txt
cacls foo\hoge.txt
c:\data\foo\hoge.txt NT AUTHORITY\SYSTEM:(ID)F
                     BUILTIN\Administrators:(ID)F
                     BUILTIN\Users:(ID)R

我找到了一个文档，说明在Linux容器上无法更改卷上文件/文件夹的权限。但我找不到有关Windows容器的文档。 Windows容器是否支持对Windows容器上的文件/文件夹的权限更改？

链接：

• 日志和故障排除| Docker文档https://docs.docker.com/docker-for-windows/troubleshoot/#permissions-errors-on-data-directories-for-shared-volumes

Answer 1

从您提到的链接中，似乎docker for windows不支持更改文件权限。

  

适用于Windows的Docker可以实现基于主机挂载的卷   Microsoft SMB协议，不支持细粒度的chmod   控制这些权限。