Wrong permissions in volume in Docker container

macos docker docker-compose docker-machine
12,671

Solution 1

1) General idea: Docker it is not Vagrant. It is wrong to put two different services into one container! Split it into two different images and link them together. Don't do this shitty image.

Check and follow https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/

  • Avoid installing unnecessary packages
  • Run only one process per container
  • Minimize the number of layers

If you do it:

  • you will remove your supervisor
  • your can decrease numbers of layers

It should be something like (example):

FROM alpine

RUN apk add --update \
    wget \
    curl
RUN apk add --update \
    php \
    php-fpm \
    php-pdo \
    php-json \
    php-openssl \
    php-mysql \
    php-pdo_mysql \
    php-mcrypt \
    php-ctype \
    php-zlib
RUN usermod -u 1000 www-data
RUN rm -rf /var/cache/apk/*

EXPOSE 9000

For nginx it is enough to use default image and mount configs. docker-compose file like: 

nginx:
  image: nginx
  container_name: site.dev
  volumes:
    - ./myconf1.conf:/etc/nginx/conf.d/myconf1.conf
    - ./myconf2.conf:/etc/nginx/conf.d/myconf2.conf
    - $PWD/cms:/srv/cms
  ports:
    - "80:80"
  links:
   - phpfpm
phpfpm:
  build: ./phpfpm/
  container_name: phpfpm.dev
  command: php5-fpm -F --allow-to-run-as-root
  volumes:
    - $PWD/cms:/srv/cms

2) Add RUN usermod -u 1000 www-data into Dockerfile for php container, it will fix problem with permission.

Solution 2

For alpine version you need to use:

RUN apk add shadow && usermod -u 1000 www-data && groupmod -g 1000 www-data
Share:
12,671
rotespferd
Author by

rotespferd

Updated on July 12, 2022

Comments

  • rotespferd
    rotespferd almost 2 years

    I run Docker 1.8.1 in OSX 10.11 via an local docker-machine VM.

    I have the following docker-compose.yml:

    web:
    build: docker/web
    ports:
        - 80:80
        - 8080:8080
    volumes:
        - $PWD/cms:/srv/cms

    My Dockerfile looks like this:

    FROM alpine

# install nginx and php
RUN apk add --update \
    nginx \
    php \
    php-fpm \
    php-pdo \
    php-json \
    php-openssl \
    php-mysql \
    php-pdo_mysql \
    php-mcrypt \
    php-ctype \
    php-zlib \
    supervisor \
    wget \
    curl \
    && rm -rf /var/cache/apk/*

RUN mkdir -p /etc/nginx && \
    mkdir -p /etc/nginx/sites-enabled && \
    mkdir -p /var/run/php-fpm && \
    mkdir -p /var/log/supervisor && \
    mkdir -p /srv/cms

RUN rm /etc/nginx/nginx.conf
ADD nginx.conf /etc/nginx/nginx.conf
ADD thunder.conf /etc/nginx/sites-enabled/thunder.conf

ADD nginx-supervisor.ini /etc/supervisor.d/nginx-supervisor.ini

WORKDIR "/srv/cms"
VOLUME "/srv/cms"

EXPOSE 80
EXPOSE 8080
EXPOSE 22

CMD ["/usr/bin/supervisord"]

    When I run everything with docker-compose up everything works fine, my volumes are mounted at the correct place.

    But the permissions in the mounted folder /srv/cms look wrong. The user is "1000" and the group is "50" in the container. The webserver could not create any files in this folder, because it runs with the user "root".

  • Jeff Kilbride
    Jeff Kilbride almost 8 years
    Alpine doesn't support usermod out of the box. You need to install the shadow package from the testing branch.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to access webserver running on localhost from a docker container on a network?
How to use command in docker-compose.yml
localhost not working in docker for mac
Docker run container on different port
Docker error: Cannot create container for service web: invalid mode
How to update docker-compose version on windows 10
Docker + Nginx + PHP-FPM error: [emerg] 1#1: host not found in upstream
Docker. MySQL image. Can't change my.cnf file
Update a docker image in registry
Change file permissions in mounted folder inside docker container on Windows Host