Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Docker compose volume Permissions linux

Tags:

linux

docker

permissions

docker-compose

wordpress

I try to run wordpress in a docker container my docker-compose.yaml file is:

version: "2"
services:
  my-wpdb:
    image: mariadb
    ports:
      - "8081:3306"
    environment:
      MYSQL_ROOT_PASSWORD: ChangeMeIfYouWant
  my-wp:
    image: wordpress
    volumes:
      - ./:/var/www/html
    ports:
      - "8080:80"
    links:
      - my-wpdb:mysql
    environment:
      WORDPRESS_DB_PASSWORD: ChangeMeIfYouWant

When i build the docker structure the volume is mounted but belongs to root.

I tried to change that with:

my-wp:
  image: wordpress
  user: 1000:1000    # added
  volumes:
    - ./:/var/www/html
  ports:
    - "8080:80"
  links:
    - my-wpdb:mysql
  environment:
    WORDPRESS_DB_PASSWORD: ChangeMeIfYouWant

Now I can edit files. But then the container doesn't serve the website anymore.

What is the right way to solve this permission issue?

like image 933
linus heinz Avatar asked Oct 21 '18 16:10

linus heinz

People also ask

What is volume used for in Docker compose?

Volumes are the preferred, and extensively used, mechanisms for persisting data generated by Docker containers. Docker volumes basically create a link between one of the local folders on the system and the folder on the docker container.

Does Docker compose create volumes?

We can also create a volume with Docker compose service or also specify existing volumes. For example, the following screenshot shows a 'docker-compose' file that creates a docker-compose service with a volume. As a result of the above command, a volume with the name 'myvolume' gets created.

1 Answers

According to the docker-compose and docker run reference, the user option sets the user id (and group id) of the process running in the container. If you set this to 1000:1000, your webserver is not able to bind to port 80 any more. Binding to a port below 1024 requires root permissions. This means you should remove the added user: 1000:1000 statement again.

To solve the permission issue with the shared volume, you need to change the ownership of the directory. Run chown 1000:1000 /path/to/volume. This can be executed inside the container or directly on the host system. The change is persistent and effective immediately (no container restarted required).

In general, I think the volume should be in a sub-directory, e.g.

  volumes:
    - ./public:/var/www/html

Make sure that the correct user owns ./public. If you start the container and the directory does not exist, docker creates it for you. In this case, the directory is owned by root and you need to change ownership manually as explained above.

Alternatively, you can run the webserver as an unprivileged user (user: 1000:1000), let the server listen on port 8080 and change the routing to

 ports:
    - "8080:8080"
like image 159
sauerburger Avatar answered Oct 06 '22 08:10

sauerburger
Sign in to Comment

Related questions

Would dropping X altogether hurt? [closed]
How does a Linux socket buffer overflow?
replace a dynamic shared library in run time
os.getenv returns None instead correct value [closed]
Garbage collection in bash
Cannot get environment variables in Django settings file
Emulate physical USB device Linux
Errno 2 using python shutil.py No such file or directory for file destination
Swift on OS X compiling for Linux?
How can dhclient be made namespace aware?
Tox installs the wrong version of pip to it's virtual env
cURL does not work but same site works with browser
how to enable http2 on centos7
Anyone know of any statically-typed scripting languages? [closed]
Is a return value of 0 from write(2) in C an error?
How to deal with Linux/Python dependencies?
What is the difference between execl and execv?
What would cause a java process to greatly exceed the Xmx or Xss limit?
Avahi Hostname Resolution: Is it caching somewhere?
How can I make a Java cross-platform GUI application (Windows, Linux)? What tools should I use? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!