Is it necessary to create local user’s storage for each LDAP user? Is there the better solution to create each user’s private folder automatically for every LDAP user?
It depends on your JupyerHub setup. If you’re using LocalProcessSpawner you may need to create a directory for each user, either in advance or by using a hook, if you’re using a container spawner they should have some configuration options to automatically create a storage volume.
I user DockerSpawner, each user’s local storage volume is created successfully, but the creator is root, so when LDAP user accesses it , the permission denied error happens.
Should I create the local user account for each LDAP user? That’s crazy. Or is there other better solution? Thanks.
This is due to how Docker works- dockerspawner can’t control the default permissions on Docker volumes.
If you’re using one of the recommended docker-stacks images you can automatically chown the volume:
https://jupyter-docker-stacks.readthedocs.io/en/latest/using/common.html#user-related-configurations