Docker chown doesn't work for www-data user, permissions aren't changing

Question

So in my docker file I have the following:

 # Create folders
 RUN mkdir -p /run/php && \
     mkdir -p /var/app && \
     chown -R www-data:www-data /var/app && \
     chown -R www-data:www-data /var/www && \
     chown -R www-data:www-data /run/php

But when I go into the container as www-data or I'm trying to create a file with PHP I get

www-data@5da957973260:~/html$ mkdir ssss
mkdir: cannot create directory 'ssss': Permission denied

Permissions:

root@03b1b84fd90b:/# ls -lah /var/www/
total 20K
drwxr-xr-x 1 www-data www-data 4.0K Jun 15 14:30 .
drwxr-xr-x 1 root     root     4.0K Jun 15 14:30 ..
drwxr-xr-x 1 root     root     4.0K Jun 15 14:30 .ssh
drwxrwxr-x 3     1000     1000 4.0K Jun 15 14:02 html

This is how I start the container:

#!/bin/sh
docker run -d \
    -v $(pwd)/webroot:/var/www/html \
    -v $(pwd)/devroot:/var/app \
    -p 80:80 \
    -p 8100:8100 \
    --name myapp myapp_image

Answer 1

Your problem is the volume mounting - the volume preserves the permissions from outside the container; it is inheriting your host user's permissions. As such, you need the outside directory to have the adequate user ID - the easiest way to get that is to chown inside the container:

root@03b1b84fd90b:/# chown -R www-data. /var/www/html

Then, if you ls from your host, you will see the directory used as a mount now has different permissions:

myuser@host:~/pwd/$ ls -l
drwxr-xr-x 1     15     15  0 jun 15 12:14 webroot/

You can see, in my case, the user is set to uid 15 and gid 15 (which in this case don't exist on my host - it will show a name if it does). So if you want any other volumes, first chown it on the host to that id using:

myuser@host:~/pwd/$ chown -R 15:15 webroot