docker mounting volume with permission denied

Sam Munroe :

I am trying to setup a docker container that mounts a volume from the host. No matter what I try, it always says permission denied when I remote into the docker container. This is some of the commands I have tried adding to my docker file:

RUN su -c "setenforce 0"

and

chcon -Rt svirt_sandbox_file_t /app

Still I get the following error when I remote into my container:

Error: EACCES: permission denied, scandir '/app' at Error (native)

Error: EACCES: permission denied, open 'npm-debug.log.578996924' at Error (native)

And as you can see, the app directory is assigned to some user with uid 1000:

Here is my docker file:

FROM php:5.6-fpm

# Install modules
RUN apt-get update && apt-get install -y \
    git \
    unzip \
    libmcrypt-dev  \
    libicu-dev \
    mysql-client \
    freetds-dev \
    libxml2-dev

RUN apt-get install -y freetds-dev php5-sybase

# This symlink fixes the pdo_dblib install
RUN ln -s /usr/lib/x86_64-linux-gnu/libsybdb.a /usr/lib/

RUN    docker-php-ext-install pdo \
    && docker-php-ext-install pdo_mysql \
    && docker-php-ext-install pdo_dblib \
    && docker-php-ext-install iconv \
    && docker-php-ext-install mcrypt \
    && docker-php-ext-install intl \
    && docker-php-ext-install opcache \
    && docker-php-ext-install mbstring

# Override the default php.ini with a custom one
COPY ./php.ini /usr/local/etc/php/

# replace shell with bash so we can source files
RUN rm /bin/sh && ln -s /bin/bash /bin/sh

# nvm environment variables
ENV NVM_DIR /usr/local/nvm
ENV NODE_VERSION 4.4.7

# install nvm
RUN curl --silent -o- https://raw.githubusercontent.com/creationix/nvm/v0.31.2/install.sh | bash

# install node and npm
RUN source $NVM_DIR/nvm.sh \
    && nvm install $NODE_VERSION \
    && nvm alias default $NODE_VERSION \
    && nvm use default

# add node and npm to path so the commands are available
ENV NODE_PATH $NVM_DIR/v$NODE_VERSION/lib/node_modules
ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION/bin:$PATH

# confirm installation
RUN node -v
RUN npm -v

# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
RUN composer --version

# Configure freetds
ADD ./freetds.conf /etc/freetds/freetds.conf

WORKDIR /app

# Gulp install
RUN npm install -g gulp
RUN npm install -g bower


CMD ["php-fpm"]

Here is my docker-compose:

nginx_dev:
  container_name: nginx_dev
  build: docker/nginx_dev
  ports:
    - "80:80"
  depends_on:
    - php_dev
  links:
    - php_dev
  volumes:
    - ./:/app


php_dev:
  container_name: php_dev
  build: docker/php-dev
  volumes:
    - ./:/app`

Is there any commands I can run to give the root user permissions to access the app directory? I am using docker-compose as well.

BMitch :

From the directory listing, it appears that you have selinux configured (that's the trailing dots on the permission bits). In Docker with selinux enabled, you need to mount volumes with an extra flag, :z. Docker describes this as a volume label but I believe this is an selinux term rather than a docker label on the volume.

Your resulting docker-compose.yml should look like:

version: '2'

services:
   nginx_dev:
      container_name: nginx_dev
      build: docker/nginx_dev
      ports:
        - "80:80"
      depends_on:
        - php_dev
      links:
        - php_dev
      volumes:
        - ./:/app:z


   php_dev:
      container_name: php_dev
      build: docker/php-dev
      volumes:
        - ./:/app:z

Note, I also updated the syntax to version 2. Version 1 of the docker-compose.yml is being phased out. Version 2 will result in the containers being run in their own network by default which is usually preferred but may cause issues if you have other containers trying to talk to these.

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at2020-07-9

Comments

0 comments

TOP Ranking

Article

docker mounting volume with permission denied

docker mounting volume with permission denied

Loopback Error: connect ECONNREFUSED 127.0.0.1:3306 (MAMP)

Can't pre-populate phone number and message body in SMS link on iPhones when SMS app is not running in the background

pump.io port in URL

How to import an asset in swift using Bundle.main.path() in a react-native native module

Failed to listen on localhost:8000 (reason: Cannot assign requested address)

Spring Boot JPA PostgreSQL Web App - Internal Authentication Error

Emulator wrong screen resolution in Android Studio 1.3

3D Touch Peek Swipe Like Mail

Double spacing in rmarkdown pdf

Svchost high CPU from Microsoft.BingWeather app errors

How to how increase/decrease compared to adjacent cell

Using Response.Redirect with Friendly URLS in ASP.NET

java.lang.NullPointerException: Cannot read the array length because "<local3>" is null

BigQuery - concatenate ignoring NULL

How to fix "pickle_module.load(f, **pickle_load_args) _pickle.UnpicklingError: invalid load key, '<'" using YOLOv3?

ngClass error (Can't bind ngClass since it isn't a known property of div) in Angular 11.0.3

Can a 32-bit antivirus program protect you from 64-bit threats

Make a B+ Tree concurrent thread safe

Bootstrap 5 Static Modal Still Closes when I Click Outside

Vector input in shiny R and then use it

Assembly definition can't resolve namespaces from external packages