Most Docker containers, especially from Linuxserver folks, use these PUID and PGID. Also, most of the Docker containers in this blog use these PUID and PGID.
According to Linuxserver
Docker runs all of its containers under thehttps://docs.linuxserver.io/general/understanding-puid-and-pgid
rootuser domain because it requires access to things like network configuration, process management, and your filesystem. This means that the processes running inside your containers also run as
root. This kind of elevated access is not ideal for day-to-day use, and potentially gives applications the access to things they shouldn’t (although, a strong understanding of volume and port mapping will help with this).
Another issue is file management within the container’s mapped volumes. If the process is running under
root, all files and directories created during the container’s lifespan will be owned by
root, thus becoming inaccessible by you.
PGIDallows our containers to map the container’s internal user to a user on the host machine. All of our containers use this method of user mapping and should be applied accordingly.
I really do not want to use the admin account, so let’s create a new user for this sole purpose.
- Navigate to Access Rights Management > User
- Click on Add
- Give the new user a username
- Give the new user a password
- Confirm the password
- Select the
/usr/sbin/nologinfrom the Shell drop-down menu
- Enable the Disallow the user to modify his account
- Click Save
- Click on Apply
- We are keeping this user in the User group, so there is no extra step for that
To verify the user’s PUID and PGID, SSH in to the OMV server and enter the command
id hoid uid=1000(hoid) gid=100(users) groups=100(users)
The value we want is the uid and gid, so the next time you create a Docker container that requires the PUID and PGID, we would be using 1000 for the PUID and 100 for the PGID.
This is not related to this post, but if you are wondering, who the heck is hoid. Hoid is a character in Brandon Sanderson‘s fantasy novels in the Cosmere universe. I just thought of using Hoid as my Docker container PUID/PGID post since he is going to tied to all the containers.