I would like a bunch of containers all to have access to a common storage target. Not used for the containers themselves, but for some of the services inside of them.
In the past, I have done this by creating a special group and a group-writeable directory on the host and then SETGID-mapping various groups in the containers to that group on the host. But it’s kind of a pain in the ass to keep having to do that and also to make sure that different services/binaries inside the container have that special group as primary.
How bad of an idea is it to have a world-writeable directory on the host with the sticky bit on as a target for all of those containerized services instead?
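A host-side check that compares the two layouts described in the question, as an added example that is not part of the original post. The function names and the constructed sample tree are assumptions; the findings follow standard Linux permission semantics.

```python
import os
import stat
import tempfile

def classify_dir_mode(mode):
    """Describe what a shared directory's permission bits allow (Linux semantics)."""
    if mode & stat.S_IWOTH:
        if mode & stat.S_ISVTX:
            return ("world-writable+sticky: any UID can create entries; only the "
                    "entry's owner, the directory's owner or root can delete or rename")
        return "world-writable, no sticky: any UID with search access can delete or rename any entry"
    if mode & stat.S_IWGRP:
        if mode & stat.S_ISGID:
            return "group-writable+setgid: new entries inherit the directory's group"
        return "group-writable, no setgid: new entries get the creator's primary group"
    return "not shared-writable"

def audit_shared_dir(path):
    """Return a set of (relative_path, finding) pairs for a shared directory tree."""
    findings = {(".", classify_dir_mode(stat.S_IMODE(os.lstat(path).st_mode)))}
    for root, dirs, files in os.walk(path):  # os.walk does not follow symlinks by default
        for name in dirs + files:
            full = os.path.join(root, name)
            st = os.lstat(full)  # lstat: inspect the link itself, not its target
            rel = os.path.relpath(full, path)
            if stat.S_ISLNK(st.st_mode):
                findings.add((rel, "symlink: target may lie outside the share"))
            elif st.st_mode & stat.S_IWOTH:
                findings.add((rel, "world-writable: any UID can modify it; "
                                   "sticky only guards delete and rename"))
    return findings

def demo():
    """Build a constructed sample share (mode 1777) in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as share:
        os.chmod(share, 0o1777)
        data = os.path.join(share, "service-a.db")  # constructed file name
        open(data, "w").close()
        os.chmod(data, 0o666)  # what a service running with umask 000 would leave behind
        os.symlink("/etc/hostname", os.path.join(share, "link"))
        return audit_shared_dir(share)

if __name__ == "__main__":
    for rel, finding in sorted(demo()):
        print(f"{rel}: {finding}")
```

The sticky bit restricts only deletion and renaming inside the directory; whether one service can read or modify another's file is still decided by that file's own mode bits.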