Description
When using Docker, a volume is populated with the initial ownership based on the USER directive. In the case of Envbuilder, this will always be root:root.
The net result of this is that if you create a Docker volume mounted at /home/someuser and run an envbuilder container that builds an image containing someuser, the resulting user's home directory will be owned by root:root.
Example:
$ docker volume create test_coder_home
$ docker run -it --rm -v test_coder_home:/home/coder -e ENVBUILDER_FALLBACK_IMAGE=codercom/enterprise-minimal:ubuntu -e ENVBUILDER_INIT_SCRIPT=/bin/sh ghcr.io/coder/envbuilder-preview:latest
[...]
$ cd
$ ls -l ../
total 4
drwxr-xr-x 2 root root 4096 Jun 10 14:35 coder
$ touch test
touch: cannot touch 'test': Permission denied
In Kubernetes-land, you would generally fix this by specifying fsGroup or adding an init container to fix ownership. This isn't as much of an option here.
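
The ownership fix an init container would perform, sketched as an added example that is not part of the original issue or of Envbuilder's code: a script run as root against the mounted volume before the workspace user first writes to it. The function names and the directory/uid/gid arguments are hypothetical.

```shell
#!/bin/sh
# Added example: check and repair the owner of a volume-backed home directory.
# Arguments (hypothetical, not Envbuilder options): DIR WANT_UID WANT_GID

# Print the numeric owner of a directory as "uid:gid".
home_owner() {
    ls -ldn -- "$1" | awk '{ print $3 ":" $4 }'
}

# Succeed (0) when the directory is NOT owned by the expected uid:gid.
needs_fix() {
    [ "$(home_owner "$1")" != "$2:$3" ]
}

# Returns 0 if ownership is already correct or was repaired,
# 1 if the path is not a directory, 2 if a repair is needed but we are not root.
ensure_home_owner() {
    dir=$1 uid=$2 gid=$3
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    needs_fix "$dir" "$uid" "$gid" || return 0
    if [ "$(id -u)" -ne 0 ]; then
        echo "$dir is owned by $(home_owner "$dir"), want $uid:$gid; rerun as root" >&2
        return 2
    fi
    # Change only the mount point: a freshly created volume is empty,
    # so nothing below it needs a recursive chown.
    chown "$uid:$gid" "$dir"
}

# Stand-alone use, e.g.: sh fix-home.sh /home/coder 1000 1000
if [ "$#" -eq 3 ]; then
    ensure_home_owner "$@"
fi
```

Run against the root:root directory from the listing above, a non-root caller gets exit status 2 and a message naming the current owner instead of a later "Permission denied" from the user's shell.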