问题
I'm trying to mount a volume in docker-compose to apache image. The problem is, that apache in my docker is run under www-data:www-data but the mounted directory is created under root:root. How can I specify the user of the mounted directory?
I tried to run command setupApacheRights.sh. chown -R www-data:www-data /var/www but it says chown: changing ownership of '/var/www/somefile': Permission denied
services:
httpd:
image: apache-image
ports:
- "80:80"
volumes:
- "./:/var/www/app"
links:
- redis
command: /setupApacheRights.sh
I would prefer to be able to specify the user under which it will be mounted. Is there a way?
回答1:
First determine the uid of the www-data user:
$ docker exec DOCKER_CONTAINER_ID id
uid=100(www-data) gid=101(www-data) groups=101(www-data)
Then, on your docker host, change the owner of the mounted directory using the uid (100 in this example):
chown -R 100 ./
Dynamic Extension
If you are using docker-compose you may as well go for it like this:
$ docker-compose exec SERVICE_NAME id
uid=100(www-data) gid=101(www-data) groups=101(www-data)
$ chown -R 100 ./
You can put that in a one-liner:
$ chown -r $(docker-compose exec SERVICE_NAME id -u) ./
The -u flag will only print the uid to stdout.
回答2:
If you're using Docker, you want this directly in your config rather than performing manual steps every time you build an image. The bad news is there's no owner/group/permission settings for volume as of 2019 😢. The good news is there's a trick that does let you bake it into your config 🎉.
You simply need to create the directory with desired settings in your Dockerfile, which means the directory will be present before docker-compose mounts to the location. When the mount occurs, the directory's permissions will be retained.
Dockerfile:
# setup folder before switching to user
RUN mkdir /volume_data
RUN chown postgres:postgres /volume_data
USER postgres
docker-compose.yml
volumes:
- /home/me/postgres_data:/volume_data
source
回答3:
To achieve the desired behavior without changing owner / permissions on the host system do the following steps.
add the definition to your docker-compose.yml
user: "${UID}:${GID}"so your file could look like this
php: # this is my service name user: "${UID}:${GID}" # we added this line to get a specific user / group id image: php:7.3-fpm-alpine # this is my image # and so onset the values in your
.envfileUID=1000 GID=1001
Now your user in the container has the id 1000 and the group is 1001 and you can set that differently for every environment.
If you don't use docker-compose or want to know more different approaches to achieve this have a read through my source of information: https://dev.to/acro5piano/specifying-user-and-group-in-docker-i2e
来源:https://stackoverflow.com/questions/40462189/docker-compose-set-user-and-group-on-mounted-volume