Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Docker compose could not open directory permisson denied

I am totally a newbie when it comes to Docker. And I am trying to understand it with a dummy project. I have a django project and my Dockerfile is inside the Django project's root folder. And my docker-compose.yml file is under the top root folder which contains django project folder and other config files.

my docker-compose.yml

version: '3'
services:
  db:
    image: postgres
    container_name: dummy_project_postgres
    volumes:
      - ./data/db:/var/lib/postgresql/data

  event_planner:
    build: ./dummy_project
    container_name: dummy_project
    volumes:
      - .:/web
    ports:
      - "8000:8000"
    depends_on:
      - db
    links:
      - db:postgres

and my Dockerfile

FROM python:3
ENV PYTHONUNBUFFERED 1
RUN mkdir /web
WORKDIR /web
ADD requirements.txt /web/
RUN pip install -r requirements.txt
ADD . /web/

I am trying to run the following commands

# stop and remove the existing containers
docker-compose stop
docker-compose rm -f

# up and run the container
docker-compose build
docker-compose up -d

docker-compose exec dummy_project bash

When I do docker-compose up -d, I see this error.

docker-compose up -d                                                                         
dummy_project_postgres is up-to-date
Starting dummy_project ... done
warning: could not open directory 'data/db/': Permission denied

I know this question asked before, but I didn't quite get the solution I need and I am stuck for hours now.

EDIT: I have all the permissions for all the folders under the top folder
EDIT2: sudo docker-compose up -d also results the same error.

like image 560
Öykü Avatar asked Nov 06 '18 11:11

Öykü


People also ask

How do I fix docker permissions?

Similar to running a docker command without the sudo command, a stopped Docker Engine triggers the permission denied error. How do you fix the error? By restarting your Docker engine. Run the systemctl command below to confirm the Docker Engine's status ( status docker ) and if it's running.


1 Answers

I solved by adding ":z" to end of volume defintion

version: '3'
services:
  db:
    image: postgres
    container_name: dummy_project_postgres
    volumes:
      - ./data/db:/var/lib/postgresql/data:z

  event_planner:
    build: ./dummy_project
    container_name: dummy_project
    volumes:
      - .:/web
    ports:
      - "8000:8000"
    depends_on:
      - db
    links:
      - db:postgres

What ":z" means

Labeling systems like SELinux require that proper labels are placed on volume content mounted into a container. Without a label, the security system might prevent the processes running inside the container from using the content. By default, Docker does not change the labels set by the OS.

To change the label in the container context, you can add either of two suffixes :z or :Z to the volume mount. These suffixes tell Docker to relabel file objects on the shared volumes. The z option tells Docker that two containers share the volume content. As a result, Docker labels the content with a shared content label. Shared volume labels allow all containers to read/write content. The Z option tells Docker to label the content with a private unshared label. Only the current container can use a private volume.

https://docs.docker.com/engine/reference/commandline/run/#mount-volumes-from-container---volumes-from

what is 'z' flag in docker container's volumes-from option?

like image 157
Farid Escate Avatar answered Sep 22 '22 05:09

Farid Escate