Change file permissions in mounted folder inside docker container on Windows Host
Solution 1
I had the same problem of not being able to change ownership even after using chown. And as I researched, it was because of NTFS volumes being mounted inside ext filesystem. So I used another approach.
The volumes internal to docker are free from these problems. So you can mount your file on internal docker volume and then create a hard symlink to that file inside your local folder wherever you want:
sudo ln $(docker volume inspect --format '{{ .Mountpoint }}' <project_name>_<volume_name>) <absolute_path_of_destination>
This way you can have your files in desired place, inside docker and without any permission issues, and you will be able to modify the contents of file as in the normal volume mount due to hard symlink.
Here is a working implementation of this process which mounts and links a directory. In case you wanna know about the details, see possible fix section in issue.
EDIT
Steps to implement this approach:
- Mount the concerned file in internal docker-volume(also known as
named volumes). -
Before making hardlink, make sure volumes and concerned file are present there. To ensure this, you should have run your container at least once before or if you want to automate this file creation, you can include a docker run which creates the required files and exits.
docker run --rm -itd \ -v "<Project_name>_<volume_name>:/absolute/path" \ <image> bash -c "touch /absolute/path/<my_file>"
This docker run will create volumes and required files. Here, container is my project name, by default, it is the name of the folder in which project is present and <volume_name> is the same as one which we want to use in our original container. <image> can be the same one which is already being used in your original containers.
- Create a hardlink in your OS to the actual file location on your system. You can find the file location using
docker volume inspect --format '{{ .Mountpoint }}' <project_name>_<volume_name>/<my_file>. Linux users can uselnin terminal and windows users can usemklinkin command prompt.
In step 3 we have not used /absolute/path since the <volume_name> refers to that location already, and we just need to refer to the file.
Solution 2
Try one of the following:
-
If you can rebuild the image image:
image: (secrect company registry)/docker-stretchimal-apache2-php7-pmathen inside the docker file, add the followingUSER root RUN chmod 655 config.inc.php
Then you can rebuild the image and push it to the registry, and what you were doing should work. This should be your preferred solution, as you don't want to be manually changing the permissions everytime you start a new container
-
Try to exec using the user root explicitly
docker exec -it -u root [container] bash
Tom M
Front end developer from germany, Node.js enthusiast, caffeine junkie.
Updated on July 09, 2022Comments
-
Tom M almost 2 years
Disclaimer/Edit 2
Some years later, for everyone reading this question - If you are on Windows and want to use docker with linux containers, I highly recommend not using docker for windows at all and instead starting the entire docker environment inside a VM altogether. This Ext3 NTFS issue will break your neck on so many different levels that installing docker-machine might not even be worth the effort.
Edit:
I am using
docker-machinewhich starts a boot2docker instance inside a Virtualbox VM with a shared folder on /c/Users from which you can mount volumes into your containers. The permissions of said volumes are the ones the question is about. The VMs are stored under /c/Users/tom/.docker/I chose to use the
docker-machineVirtualbox workflow over Hyper-V because I need VBox in my daily workflow and running Hyper-V and Virtualbox together on one system is not possible due to incompabilities between different Hypervisors.Original question
I am currently trying to set up PHPMyAdmin in a container on windows but I can't change the permissions of the
config.inc.phpfile.I found: Cannot call chown inside Docker container (Docker for Windows) and thought this might be somewhat related but it appears to apply only to MongoDB.
This is my docker-compose.yml
version: "3" services: pma: image: (secrect company registry)/phpmyadmin ports: - 9090:80 volumes: - /c/Users/tom/projects/myproject/data/var/www/public/config.inc.php:/var/www/public/config.inc.phpnow, when I
docker exec -it [container] bashand change in the mounted directory, I try to runchmodon theconfig.inc.phpbut for some reason, it fails silently.root@22a4bag43245: ls -la config.inc.php -rw------- 1 root root 0 Aug 11 15:11 config.inc.php root@22a4bag43245: chmod 655 config.inc.php root@22a4bag43245: ls -la config.inc.php -rw------- 1 root root 0 Aug 11 15:11 config.inc.phpConsidering the linked answer, I thought I could just move the volume out of my Userhome but then vbox doesn't mount the folder at all.
How do I change the file permissions of
/var/www/public/config.inc.phppersistently? -
Tom M over 6 yearsI am unable to change permissions of directories/volumes mounted from windows host into docker container. AFAIK, 1. will
chmodtheconfic.inc.phpinside the image which will get overridden by my mounted confic.inc.php. 2. does not work. Even if I-u root, the permissions still won't change when Ichmod. -
yamenk over 6 years@TomM can you provide the docker file for the image?
-
Tom M over 6 yearsno, sorry. But it does not work with images from the official registry either so I doubt the image is at fault
-
Tom M over 6 yearsthis approach looks promising. I'll try it and get back to you, thank you
-
Tom M over 6 yearswait, I can't hardlink on my host OS since it's windows. Did I misunderstand you?
-
Ayushya over 6 yearsThis was for linux OS, for windows you can usemklink. More details here -
Tom M over 6 yearsso basically I create a hardlink from my windows host into a datavolume and mount that volume in my container?
-
Ayushya over 6 yearsThat is exactly what I am trying to do. I'll update the detailed steps in my answer.
-
Tom M over 6 years
mklink /h /d '/mnt/sda1/var/lib/docker/volumes/myproject_data-volume/_data/config.inc.php' \Users\tom\projects\myproject\data\var\www\public\config.inc.phpreturns "invalid Option - "mnt" on cmd. -
Tom M over 6 yearsI also tried
for /f "usebackq tokens=*" %i in (docker volume inspect --format '{{.Mountpoint}}' "myproject_data-volume/config.inc.php") do mklink /h /d %i \Users\tom\projects\myproject\mydata\config.inc.phpwhich did not work either. -
Tom M over 6 yearsI have created a data-volume containing a file beforehand but the
docker volume inspectcommand returns a unix path. -
Tom M over 6 yearswell, combining
/hand/dinmklinkis not supposed to work together anyways but even with valid syntax I can't hardlink a unixpath to a windowspath -
Ayushya over 6 yearsAh, I found that volume path on windows and mac is different than the actual path shown by
volume inspect -
Ayushya over 6 yearsPath in windows is
C:\Users\Public\Documents\Hyper-V\Virtual -
Tom M over 6 yearsI'm not using Hyper-V but virtualbox driver and
docker-machine. Is there still a chance to get this working somehow? -
Ayushya over 6 yearsIf you can update your question with the details of the process, then maybe we could look for another approach. Might be that your files are accessible in some other way.
-
Tom M over 6 yearswhat process exactly?
-
Ayushya over 6 yearsI am not sure about virtual-box driver, are you running the containers in virtual box? The process I wanna know about is that how you are accessing real files on host and how your docker is running. More relevant part would be, where your docker is storing its files?
-
Tom M over 6 yearsare you okay with me moving this discussion to the chat?
-
Ayushya over 6 yearsLet us continue this discussion in chat.
-
Matt about 6 yearsA hard link can't cross file system boundaries so this wouldn't work for file shared from Windows > Linux -
Slava Fomin II about 5 yearsDockerfile is executed (built) before volume is mounted, you can't change permissions in mounted volume this way.
