Docker-compose set user and group on mounted volum

2020-02-07 18:44发布

站内问答 / Docker
1866 3 6

I'm trying to mount a volume in docker-compose to apache image. The problem is, that apache in my docker is run under www-data:www-data but the mounted directory is created under root:root. How can I specify the user of the mounted directory?

I tried to run command setupApacheRights.sh. chown -R www-data:www-data /var/www but it says chown: changing ownership of '/var/www/somefile': Permission denied

services:
    httpd:
        image: apache-image
        ports:
            - "80:80"
        volumes:
            - "./:/var/www/app"
        links:
            - redis
        command: /setupApacheRights.sh

I would prefer to be able to specify the user under which it will be mounted. Is there a way?

3条回答
倾城 Initia
2楼-- · 2020-02-07 19:28

To achieve the desired behavior without changing owner / permissions on the host system do the following steps.

  1. add the definition to your docker-compose.yml

    user: "${UID}:${GID}"

    so your file could look like this

    php: # this is my service name
    user: "${UID}:${GID}" # we added this line to get a specific user / group id
    image: php:7.3-fpm-alpine # this is my image
# and so on

  2. set the values in your .env file

    UID=1000
GID=1001

Now your user in the container has the id 1000 and the group is 1001 and you can set that differently for every environment.

If you don't use docker-compose or want to know more different approaches to achieve this have a read through my source of information: https://dev.to/acro5piano/specifying-user-and-group-in-docker-i2e

查看更多
0人赞 添加讨论(0) 举报
Bombasti
3楼-- · 2020-02-07 19:29

If you're using Docker, you want this directly in your config rather than performing manual steps every time you build an image. The bad news is there's no owner/group/permission settings for volume as of 2019

查看更多
0人赞 添加讨论(0) 举报
老娘就宠你
4楼-- · 2020-02-07 19:36

First determine the uid of the www-data user:

$ docker exec DOCKER_CONTAINER_ID id
uid=100(www-data) gid=101(www-data) groups=101(www-data)

Then, on your docker host, change the owner of the mounted directory using the uid (100 in this example):

chown -R 100 ./

Dynamic Extension

If you are using docker-compose you may as well go for it like this:

$ docker-compose exec SERVICE_NAME id
uid=100(www-data) gid=101(www-data) groups=101(www-data)
$ chown -R 100 ./

You can put that in a one-liner:

$ chown -r $(docker-compose exec SERVICE_NAME id -u) ./

The -u flag will only print the uid to stdout.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)