Docker: bind mount permission denied

Fix file permission errors when Docker bind mounts map host directories into containers with mismatched UIDs.

Docker containers cannot read or write files on a bind-mounted host directory when the container process runs as a different UID than the host file owner.

What Causes This Error

The container's application runs as a non-root user (e.g., UID 1000) but the host directory is owned by root or a different UID. Linux file permissions are enforced by UID, not username — a container user "app" (UID 1000) and a host user "deploy" (UID 1001) are different users to the filesystem.

How to Fix

  1. Match the container user's UID to the host file owner:
       docker run --user $(id -u):$(id -g) -v /host/path:/container/path image
  2. Or change host directory ownership to match the container's UID:
       sudo chown -R 1000:1000 /host/path
  3. In the Dockerfile, create a user with the expected UID:
       RUN groupadd -g 1000 app && useradd -u 1000 -g app app
       USER app
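
To confirm which fix applies before changing anything, the following added example (not part of the original page) predicts what a given container UID/GID can do with a host directory from its owner, group and mode bits. The function names bind_mount_access and bind_mount_writable are hypothetical, and the script assumes GNU or BusyBox stat; it ignores ACLs, SELinux/AppArmor labels, user-namespace remapping and supplementary groups.

```shell
#!/bin/sh
# Added example: evaluate classic UNIX permission bits for a bind mount source.
# Assumption: stat supports -c (GNU coreutils or BusyBox).

# bind_mount_access DIR UID GID
# Prints the effective permissions for UID/GID on DIR, e.g. "rwx", "r-x", "---".
bind_mount_access() {
    dir=$1; uid=$2; gid=$3
    info=$(stat -c '%u %g %a' "$dir") || return 2
    set -- $info
    owner=$1; group=$2
    perm=$((0$3))                      # leading 0 makes the mode octal

    if [ "$uid" -eq 0 ]; then
        bits=7                         # assumes root keeps CAP_DAC_OVERRIDE
    elif [ "$uid" -eq "$owner" ]; then
        bits=$(( (perm >> 6) & 7 ))    # owner class
    elif [ "$gid" -eq "$group" ]; then
        bits=$(( (perm >> 3) & 7 ))    # group class
    else
        bits=$(( perm & 7 ))           # other class
    fi

    r=-; w=-; x=-
    if [ $((bits & 4)) -ne 0 ]; then r=r; fi
    if [ $((bits & 2)) -ne 0 ]; then w=w; fi
    if [ $((bits & 1)) -ne 0 ]; then x=x; fi
    printf '%s%s%s\n' "$r" "$w" "$x"
}

# bind_mount_writable DIR UID GID
# Succeeds only if UID/GID can both enter DIR (x) and create files in it (w).
bind_mount_writable() {
    case $(bind_mount_access "$@") in
        ?wx) return 0 ;;
        *)   return 1 ;;
    esac
}

# When run as: script.sh DIR UID GID
if [ $# -eq 3 ]; then
    if bind_mount_writable "$1" "$2" "$3"; then
        echo "UID $2 / GID $3 can write to $1"
    else
        echo "UID $2 / GID $3 cannot write to $1 (access: $(bind_mount_access "$1" "$2" "$3"))"
    fi
fi
```

Run it with the host path and the UID/GID the container process uses; a result other than "can write" means one of the three fixes above is needed.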