Basic question for the Linux folk. I'm sharing a ZFS dataset from a host (which currently only has the root user) with an Ubuntu 16.06 container that has actual (non-root) users.
I.e. I bind-mount /rpool/files in the host to /media/files in the container.
Within that mounted dataset I want user pete to own the directory /media/files/pete and I want user paul to own the directory /media/files/paul.
At first, within the container, ls -al shows that /media/files/pete and /media/files/paul are owned by root:root.
So in the container, I chown -R pete:pete /media/files/pete and similarly for paul.
Now ls -al shows that /media/files/pete is owned by pete:pete and similarly for paul. All good.
However, in the host, ls -al shows that /rpool/files/pete is now owned by 1001:1001 and /rpool/files/paul is owned by 1002:1002.
Eek! What if I were to subsequently add an unrelated user fred to the host system that happened to be assigned the uid 1001? Would that mean that /rpool/files/pete would now be owned by fred:fred on the host? And more realistically, if I share that dataset with another container that has different users and uids, would some random user own /media/files/pete on that other container?
What is best practice here? Do I need to set up all my containers and host to have the same set of users, and ensure that the UIDs are the same across the board?
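Added example, not part of the original post: a small audit that shows which account name each system attaches to the numeric owners stored on the shared dataset, and flags directories whose UID belongs to different accounts on different systems. It assumes the container shares the host's UID space with no ID shifting (consistent with the host showing 1001 and 1002); the passwd excerpts, the system names container-a and container-b, and the user alice are constructed for illustration.

```python
"""Audit how numeric owners on a shared dataset resolve on each system."""

# Constructed /etc/passwd excerpts (not from the post). The host entry models
# the "unrelated user fred gets uid 1001" scenario the post asks about.
PASSWD = {
    "host": "root:x:0:0:root:/root:/bin/bash\n"
            "fred:x:1001:1001::/home/fred:/bin/bash\n",
    "container-a": "root:x:0:0:root:/root:/bin/bash\n"
                   "pete:x:1001:1001::/home/pete:/bin/bash\n"
                   "paul:x:1002:1002::/home/paul:/bin/bash\n",
    "container-b": "root:x:0:0:root:/root:/bin/bash\n"
                   "alice:x:1001:1001::/home/alice:/bin/bash\n",
}
# Numeric owners as stored on disk, as ls reported them on the host in the post.
OWNERS = {"/rpool/files/pete": 1001, "/rpool/files/paul": 1002}


def parse_passwd(text):
    """Return {uid: name} from passwd(5) text; skip comments and malformed lines."""
    table = {}
    for line in text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 7 or not fields[2].isdigit():
            continue
        table.setdefault(int(fields[2]), fields[0])  # first match wins
    return table


def resolve(owners, passwd_by_system):
    """Map path -> {system: account name, or None if the uid has no entry}."""
    tables = {s: parse_passwd(t) for s, t in passwd_by_system.items()}
    return {path: {s: tables[s].get(uid) for s in tables}
            for path, uid in owners.items()}


def conflicts(owners, passwd_by_system):
    """Return paths whose stored uid names different accounts on different systems."""
    return {path: view
            for path, view in resolve(owners, passwd_by_system).items()
            if len({name for name in view.values() if name}) > 1}


if __name__ == "__main__":
    for path, view in resolve(OWNERS, PASSWD).items():
        shown = ", ".join(f"{s}={n or OWNERS[path]}" for s, n in view.items())
        flag = "  <-- CONFLICT" if path in conflicts(OWNERS, PASSWD) else ""
        print(f"{path} (uid {OWNERS[path]}): {shown}{flag}")
```

To audit real systems, replace the constructed strings with the contents of each system's /etc/passwd and fill OWNERS from os.lstat(path).st_uid on the host.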