Not able to mount 2 folders inside in Dockerfile

Question

I have two folders a/b and c/d in the home folder of a user I created in a Dockerfile before. I need to mount b to c. I tried

RUN mount --bind a/b c/d

Unfortunately, at build time I get

[8/8] RUN mount a/b c/d:
#12 0.239 mount: c/d: permission denied

I never changed the user with USER before, so I am still root.

Why am I not able to mount the two folders in my container?

UPDATE: I found out that it does not make sense to mount within a Docker layer, created by the Dockerfile but to do it with a script and the ENTRYPOINT directive and do docker run with --privileged parameter. Unfortunately, this means that I start the container as the root user and that I am only able to change the user from within the entrypoint script; something I would like to avoid. Thus, the main question remains, how would I be able to mount a folder in the container to another folder in the container during or after build but without offering root access to the container.

Answer 1

Have you tried using a bind-mount at runtime?

docker run ... --user 1000:2000 --volume a/b:c/d ...

The container does not have to run privileged in that case, and you do not have to use the root user (UID=0) inside the container. However normal filesystem privileges apply. It means if user with id 1000 is not allowed to read/write that folder, the same happens within the container.

See also https://docs.docker.com/engine/reference/commandline/run/