diff --git a/pkg/volume/aws_ebs/aws_ebs.go b/pkg/volume/aws_ebs/aws_ebs.go
index 1278afe39f9..d71804855b1 100644
--- a/pkg/volume/aws_ebs/aws_ebs.go
+++ b/pkg/volume/aws_ebs/aws_ebs.go
@@ -291,6 +291,10 @@ func (b *awsElasticBlockStoreBuilder) SetUpAt(dir string, fsGroup *int64) error
 		return err
 	}
 
+	if !b.readOnly {
+		volume.SetVolumeOwnership(b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/cinder/cinder.go b/pkg/volume/cinder/cinder.go
index 28a35e21086..30d312385a8 100644
--- a/pkg/volume/cinder/cinder.go
+++ b/pkg/volume/cinder/cinder.go
@@ -284,6 +284,10 @@ func (b *cinderVolumeBuilder) SetUpAt(dir string, fsGroup *int64) error {
 		return err
 	}
 
+	if !b.readOnly {
+		volume.SetVolumeOwnership(b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/downwardapi/downwardapi.go b/pkg/volume/downwardapi/downwardapi.go
index 1811a8674d9..1b9a887a722 100644
--- a/pkg/volume/downwardapi/downwardapi.go
+++ b/pkg/volume/downwardapi/downwardapi.go
@@ -157,6 +157,9 @@ func (b *downwardAPIVolumeBuilder) SetUpAt(dir string, fsGroup *int64) error {
 	}
 
 	glog.V(3).Infof("Data dumped for downwardAPI volume %v for pod %v/%v", b.volName, b.pod.Namespace, b.pod.Name)
+
+	volume.SetVolumeOwnership(b, fsGroup)
+
 	return nil
 }
 
diff --git a/pkg/volume/empty_dir/empty_dir.go b/pkg/volume/empty_dir/empty_dir.go
index 409e20947d1..275ac19b225 100644
--- a/pkg/volume/empty_dir/empty_dir.go
+++ b/pkg/volume/empty_dir/empty_dir.go
@@ -190,6 +190,8 @@ func (ed *emptyDir) SetUpAt(dir string, fsGroup *int64) error {
 		err = fmt.Errorf("unknown storage medium %q", ed.medium)
 	}
 
+	volume.SetVolumeOwnership(ed, fsGroup)
+
 	if err == nil {
 		volumeutil.SetReady(ed.getMetaDir())
 	}
diff --git a/pkg/volume/fc/disk_manager.go b/pkg/volume/fc/disk_manager.go
index b7419ecc95b..c064eada605 100644
--- a/pkg/volume/fc/disk_manager.go
+++ b/pkg/volume/fc/disk_manager.go
@@ -21,6 +21,7 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/util/mount"
+	"k8s.io/kubernetes/pkg/volume"
 )
 
 // Abstract interface to disk operations.
@@ -33,7 +34,7 @@ type diskManager interface {
 }
 
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b fcDiskBuilder, volPath string, mounter mount.Interface) error {
+func diskSetUp(manager diskManager, b fcDiskBuilder, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.fcDisk)
 	// TODO: handle failed mounts here.
 	noMnt, err := mounter.IsLikelyNotMountPoint(volPath)
@@ -64,6 +65,11 @@ func diskSetUp(manager diskManager, b fcDiskBuilder, volPath string, mounter mou
 		glog.Errorf("failed to bind mount:%s", globalPDPath)
 		return err
 	}
+
+	if !b.readOnly {
+		volume.SetVolumeOwnership(&b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/fc/fc.go b/pkg/volume/fc/fc.go
index a930803a236..0f5b1efc0d4 100644
--- a/pkg/volume/fc/fc.go
+++ b/pkg/volume/fc/fc.go
@@ -182,7 +182,7 @@ func (b *fcDiskBuilder) SetUp(fsGroup *int64) error {
 
 func (b *fcDiskBuilder) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
-	err := diskSetUp(b.manager, *b, dir, b.mounter)
+	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
 	if err != nil {
 		glog.Errorf("fc: failed to setup")
 	}
diff --git a/pkg/volume/gce_pd/gce_pd.go b/pkg/volume/gce_pd/gce_pd.go
index 2fb2a0d5f44..907d3389bff 100644
--- a/pkg/volume/gce_pd/gce_pd.go
+++ b/pkg/volume/gce_pd/gce_pd.go
@@ -280,6 +280,10 @@ func (b *gcePersistentDiskBuilder) SetUpAt(dir string, fsGroup *int64) error {
 		return err
 	}
 
+	if !b.readOnly {
+		volume.SetVolumeOwnership(b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/iscsi/disk_manager.go b/pkg/volume/iscsi/disk_manager.go
index 800633ae46e..70dd679e61e 100644
--- a/pkg/volume/iscsi/disk_manager.go
+++ b/pkg/volume/iscsi/disk_manager.go
@@ -21,6 +21,7 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/util/mount"
+	"k8s.io/kubernetes/pkg/volume"
 )
 
 // Abstract interface to disk operations.
@@ -33,7 +34,7 @@ type diskManager interface {
 }
 
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b iscsiDiskBuilder, volPath string, mounter mount.Interface) error {
+func diskSetUp(manager diskManager, b iscsiDiskBuilder, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.iscsiDisk)
 	// TODO: handle failed mounts here.
 	notMnt, err := mounter.IsLikelyNotMountPoint(volPath)
@@ -64,6 +65,11 @@ func diskSetUp(manager diskManager, b iscsiDiskBuilder, volPath string, mounter
 		glog.Errorf("failed to bind mount:%s", globalPDPath)
 		return err
 	}
+
+	if !b.readOnly {
+		volume.SetVolumeOwnership(&b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/iscsi/iscsi.go b/pkg/volume/iscsi/iscsi.go
index 429848c8eba..afdfb278868 100644
--- a/pkg/volume/iscsi/iscsi.go
+++ b/pkg/volume/iscsi/iscsi.go
@@ -181,7 +181,7 @@ func (b *iscsiDiskBuilder) SetUp(fsGroup *int64) error {
 
 func (b *iscsiDiskBuilder) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
-	err := diskSetUp(b.manager, *b, dir, b.mounter)
+	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
 	if err != nil {
 		glog.Errorf("iscsi: failed to setup")
 	}
diff --git a/pkg/volume/rbd/disk_manager.go b/pkg/volume/rbd/disk_manager.go
index 229827fd903..37982491b0c 100644
--- a/pkg/volume/rbd/disk_manager.go
+++ b/pkg/volume/rbd/disk_manager.go
@@ -27,6 +27,7 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/util/mount"
+	"k8s.io/kubernetes/pkg/volume"
 )
 
 // Abstract interface to disk operations.
@@ -39,7 +40,7 @@ type diskManager interface {
 }
 
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b rbdBuilder, volPath string, mounter mount.Interface) error {
+func diskSetUp(manager diskManager, b rbdBuilder, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.rbd)
 	// TODO: handle failed mounts here.
 	notMnt, err := mounter.IsLikelyNotMountPoint(volPath)
@@ -70,6 +71,11 @@ func diskSetUp(manager diskManager, b rbdBuilder, volPath string, mounter mount.
 		glog.Errorf("failed to bind mount:%s", globalPDPath)
 		return err
 	}
+
+	if !b.ReadOnly {
+		volume.SetVolumeOwnership(&b, fsGroup)
+	}
+
 	return nil
 }
 
diff --git a/pkg/volume/rbd/rbd.go b/pkg/volume/rbd/rbd.go
index 0e562885d3a..8807c646626 100644
--- a/pkg/volume/rbd/rbd.go
+++ b/pkg/volume/rbd/rbd.go
@@ -209,7 +209,7 @@ func (b *rbdBuilder) SetUp(fsGroup *int64) error {
 
 func (b *rbdBuilder) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
-	err := diskSetUp(b.manager, *b, dir, b.mounter)
+	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
 	if err != nil {
 		glog.Errorf("rbd: failed to setup")
 	}
diff --git a/pkg/volume/secret/secret.go b/pkg/volume/secret/secret.go
index 91332949920..f1c8f39df76 100644
--- a/pkg/volume/secret/secret.go
+++ b/pkg/volume/secret/secret.go
@@ -173,6 +173,8 @@ func (b *secretVolumeBuilder) SetUpAt(dir string, fsGroup *int64) error {
 		}
 	}
 
+	volume.SetVolumeOwnership(b, fsGroup)
+
 	volumeutil.SetReady(b.getMetaDir())
 
 	return nil