Compose File Reference: Ulimits, User, Userns Mode, UTS, and Volumes

parameters (sysctls) at runtime](/reference/cli/docker/container/run.md#sysctl). ### `tmpfs` `tmpfs` mounts a temporary file system inside the container. It can be a single value or a list. ```yml tmpfs: - <path> - <path>:<options> ``` - `path`: The path inside the container where the tmpfs will be mounted. - `options`: Comma-separated list of options for the tmpfs mount. Available options: - `mode`: Sets the file system permissions. - `uid`: Sets the user ID that owns the mounted tmpfs. - `gid`: Sets the group ID that owns the mounted tmpfs. ```yml services: app: tmpfs: - /data:mode=755,uid=1009,gid=1009 - /run ``` ### `tty` `tty` configures a service's container to run with a TTY. This is the same as running a container with the `-t` or `--tty` flag. For more information, see [Allocate a pseudo-TTY](/reference/cli/docker/container/run.md#tty). Supported values are `true` or `false`. ### `ulimits` `ulimits` overrides the default `ulimits` for a container. It's specified either as an integer for a single limit or as mapping for soft/hard limits. ```yml ulimits: nproc: 65535 nofile: soft: 20000 hard: 40000 ``` ### `user` `user` overrides the user used to run the container process. The default is set by the image, for example Dockerfile `USER`. If it's not set, then `root`. ### `userns_mode` `userns_mode` sets the user namespace for the service. Supported values are platform specific and may depend on platform configuration. ```yml userns_mode: "host" ``` ### `uts` {{< summary-bar feature_name="Compose uts" >}} `uts` configures the UTS namespace mode set for the service container. When unspecified it is the runtime's decision to assign a UTS namespace, if supported. Available values are: - `'host'`: Results in the container using the same UTS namespace as the host. ```yml uts: "host" ``` ### `volumes` {{% include "compose/services-volumes.md" %}} The following example shows a named volume (`db-data`) being used by the `backend` service, and a bind mount defined for a single service. ```yml services: backend: image: example/backend volumes: - type: volume source: db-data target: /data volume: nocopy: true subpath: sub - type: bind source: /var/run/postgres/postgres.sock target: /var/run/postgres/postgres.sock volumes: db-data: ``` For more information about the `volumes` top-level element, see [Volumes](volumes.md). #### Short syntax The short syntax uses a single string with colon-separated values to specify a volume mount (`VOLUME:CONTAINER_PATH`), or an access mode (`VOLUME:CONTAINER_PATH:ACCESS_MODE`). - `VOLUME`: Can be either a host path on the platform hosting containers (bind mount) or a volume name. - `CONTAINER_PATH`: The path in the container where the volume is mounted. - `ACCESS_MODE`: A comma-separated `,` list of options: - `rw`: Read and write access. This is the default if none is specified. - `ro`: Read-only access. - `z`: SELinux option indicating that the bind mount host content is shared among multiple containers. - `Z`: SELinux option indicating that the bind mount host content is private and unshared for other containers. > [!NOTE] > > The SELinux re-labeling bind mount option is ignored on platforms without SELinux. > [!NOTE] > Relative host paths are only supported by Compose that deploy to a > local container runtime. This is because the relative path is resolved from the Compose file’s parent

This section details several Compose file options, beginning with `ulimits` for overriding default container resource limits, followed by `user` to specify the user running the container process. It describes `userns_mode` for setting the user namespace and `uts` for configuring the UTS namespace. The section focuses on `volumes`, providing examples for named volumes and bind mounts, including short syntax descriptions with access mode options, highlighting the use of volumes and their configurations within services.