Note: Now part of 1377 EPIC: FIM Sys Admin Tasks (and a few related FIM tasks)
During usage of the new Docker.prod, non-root image, it exposed a new problem with lack of ability to create new folders, such as output or temp folders, in some situations where the folder group does not match or the folder was created by a user and their Linux credentials.
This may / may not be a trivial fix. TBD.
PS. This will potentially become a priority as ITSG wants to continue getting the new dev1 replacement online, which uses Podman. A moderate amount of time will likely be needed independently (not part of this card) to figure out that process.
Update Dec 11, 2024
This is largely working now and integrated into code using two separate dockerfiles: one called Dockerfile.dev and one called Dockerfile.prod. However, it is not an optimal or long-term solution. It relies on a user created on the fly in the dockerfile belonging to a named group. However, all files / folders it needs to access via maps may/may not have the same group name. Ultimately, this will need to be based on picking up the name of the logged-in user and using their credentials on Docker Run. Lots of homework to be done. Podman will mandate that we use the credentials of the person using the docker (podman) image.
This will become very tricky for non-OWP staff, but we can maintain a separate but similar dockerfile for those folks as well (based on the root user).
This may create problems in AWS. We may have to consider using Docker for AWS and podman for OWP.
A partial solution was created and merged in as part of 1322 (PR: docker file for OWP, non root user #1322), but it is incomplete and has been discovered later to have more limitations than initially expected.
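Added example, not part of the original issue or the project's code: a preflight check for the failure described above, where a user baked into the image cannot create folders in a mapped host directory whose group does not match, alongside the run arguments that pass the caller's own ids instead. It assumes container ids map 1:1 to host ids and ignores ACLs; the function names and the sample uid/gid offsets are hypothetical.

```python
import os
import stat


def can_create_in(dir_stat, uid, gids):
    """True if a process with this uid and group set may create entries in the
    directory. POSIX applies exactly one permission class (owner, then group,
    then other), and creating an entry needs both write and search (w+x)."""
    if uid == 0:
        return True  # root bypasses mode bits
    mode = stat.S_IMODE(dir_stat.st_mode)
    if uid == dir_stat.st_uid:
        bits = mode >> 6      # owner class
    elif dir_stat.st_gid in gids:
        bits = mode >> 3      # group class
    else:
        bits = mode           # other class
    return (bits & 0o3) == 0o3


def preflight(mounts, uid, gids):
    """Return the host directories in `mounts` where folder creation would fail."""
    return [d for d in mounts if not can_create_in(os.stat(d), uid, gids)]


def run_as_caller_args(engine):
    """Run arguments that use the invoking user's ids rather than an image user."""
    if engine == "podman":
        return ["--userns=keep-id"]  # rootless Podman: keep the caller's uid/gid
    return ["--user", f"{os.getuid()}:{os.getgid()}"]


if __name__ == "__main__":
    import tempfile

    # Constructed sample: an output folder with mode 0775, owned by the caller.
    with tempfile.TemporaryDirectory() as out:
        os.chmod(out, 0o775)
        st = os.stat(out)
        # Hypothetical image user whose uid and group differ from the folder's.
        image_uid, image_gid = st.st_uid + 1000, st.st_gid + 1000
        caller_gids = set(os.getgroups()) | {os.getgid()}
        print("image user blocked on:", preflight([out], image_uid, {image_gid}))
        print("caller blocked on:", preflight([out], os.getuid(), caller_gids))
        print("docker run", *run_as_caller_args("docker"))
```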
RobHanna-NOAA changed the title from "[13pt] Non root Docker image create folder permission issues" to "[21pt] (really way more than 21) Upgrade to Podman from Docker" on Dec 11, 2024
RobHanna-NOAA changed the title from "[21pt] (really way more than 21) Upgrade to Podman from Docker" to "[21pt] Figure out the permissions for non-root users" on Dec 11, 2024