I'm trying to create a PostgreSQL container with a bind-mounted host directory in it as the PostgreSQL data directory. I'm doing it according to the official PostgreSQL docker image documentation and the example from the Postgres docker-library, but I'm stuck on an error about initdb changing permissions.
```
$ ls -lan instance01/
total 8
drwxr-xr-x. 2 1004 1004 4096 Oct 13 23:49 .
drwx------. 7 1004 1004 4096 Oct 14 00:00 ..
```

The passwd and group files are copied out from the image container and modified to add 1004:1004 as follows:

```
$ cat passwd_pg
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
_apt:x:42:65534::/nonexistent:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
postgres:x:999:999::/var/lib/postgresql:/bin/bash
foo:x:1004:1004::/var/lib/postgresql:/bin/bash

$ cat group_pg
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
postgres:x:999:foo
foo:x:1004:foo
ssl-cert:x:101:postgres
```

User and group:

```
$ echo $(id -u):$(id -g)
1004:1004
```

Now creating the container:

```
$ podman container create --name postgres-instance01 \
    -e POSTGRES_PASSWORD=test \
    -p 5433:5432 \
    --user $(id -u):$(id -g) \
    --mount type=bind,relabel=private,ro=true,src=/home/foo/passwd_pg,dst=/etc/passwd \
    --mount type=bind,ro=true,src=/home/foo/group_pg,dst=/etc/group,relabel=private \
    --mount type=bind,src="/home/foo/instance01",relabel=private,dst=/var/lib/postgresql/data \
    postgres:15
```

But when trying to run it, the error shows:

```
$ podman container start -ai postgres-instance01
chmod: changing permissions of '/var/lib/postgresql/data': Operation not permitted
chmod: changing permissions of '/var/run/postgresql': Operation not permitted
The files belonging to this database system will be owned by user "foo".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /var/lib/postgresql/data ... initdb: error: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted
```
`/var/lib/postgresql/data` is the mount point. You'll have to state the desired permissions and uid/gid during the mount phase rather than later.
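An added example, not from the question or the answer: a pre-flight check of the host data directory (owner, mode, emptiness) followed by a create command for the same rootless podman setup that keeps the host uid:gid identical inside the container with `--userns=keep-id`, so the chmod that initdb performs on the bind mount is done by the directory's real owner. The function names, the `--userns=keep-id` choice and reading the password from `$POSTGRES_PASSWORD` are my assumptions; paths, port and image follow the question.

```shell
#!/bin/sh
# Added example, not from the question or the answer. Two helpers for the
# rootless podman setup above: a pre-flight check of the host data directory,
# and a create command that keeps the host uid:gid identical inside the
# container. Function names and the use of --userns=keep-id are mine.

# Succeed only if DIR is an empty directory owned by UID:GID with mode 0700
# or 0750. initdb chmods the data directory to 0700 and must own it to do so;
# checking this on the host first avoids the "Operation not permitted" stop.
check_data_dir() {
    dir=$1; uid=$2; gid=$3
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    owner=$(stat -c '%u:%g' "$dir") || return 1
    mode=$(stat -c '%a' "$dir") || return 1
    [ "$owner" = "$uid:$gid" ] || { echo "$dir owned by $owner, want $uid:$gid" >&2; return 1; }
    case "$mode" in
        700|750) ;;
        *) echo "$dir has mode $mode, want 700 or 750" >&2; return 1 ;;
    esac
    [ -z "$(ls -A "$dir")" ] || { echo "$dir is not empty" >&2; return 1; }
}

# In rootless podman, --user 1004:1004 without a matching user namespace maps
# container uid 1004 to a host subordinate uid, which does not own the bind
# mount, so chmod fails. --userns=keep-id maps the host user's uid:gid to the
# same numbers inside the container and runs the container as that user, so
# --user is no longer needed. Port, paths and image follow the question;
# the password is taken from the environment instead of the command line.
create_container() {
    name=$1; dir=$2
    podman container create --name "$name" \
        --userns=keep-id \
        -e POSTGRES_PASSWORD="$POSTGRES_PASSWORD" \
        -p 5433:5432 \
        --mount type=bind,ro=true,relabel=private,src="$HOME/passwd_pg",dst=/etc/passwd \
        --mount type=bind,ro=true,relabel=private,src="$HOME/group_pg",dst=/etc/group \
        --mount type=bind,relabel=private,src="$dir",dst=/var/lib/postgresql/data \
        postgres:15
}

# Usage (not run here): check first, then create and start.
#   check_data_dir /home/foo/instance01 "$(id -u)" "$(id -g)" \
#       && create_container postgres-instance01 /home/foo/instance01 \
#       && podman container start -ai postgres-instance01
```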