Reputation: 3431
Docker volume mount and permissions: www-data on host (33) becomes xfs (33) in Alpine Linux
I have trouble with a Directory mount from my host in a docker container:
- Alpine Linux includes user xfs (33) and group xfs (33), with no www-data
- the files on host are owned by www-data (33)
- I need these files to be accessible by nginx inside the nginx:alpine docker image
This is a fullstack situation: I am using a service stack to make files available on local lan. the stack uses nginx:alpine, images are made available - so I cannot easily modify the Dockerimage.
Is there anything that I can do that xfs inside the Alpine Linux image does't get user and group id 33?
I tried to set PUID and PGID in the docker-compose.yml,
but it doesn't work (I also have trouble understanding this):
services:
celeryworker:
environment:
- PUID=33
- PGID=33
Minimal reproducable example:
Files on the host:cd /mnt/nfs/folder1
ls -alh
>-rwxr-xr-x 1 www-data www-data 3.5M Sep 21 15:41 '02 - track.mp3'
ls -alhn
>-rwxr-xr-x 1 33 33 3.5M Sep 21 15:41 '02 - track.mp3'
less /etc/passwd | grep www-data
>www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
version: "3"
services:
celeryworker:
restart: unless-stopped
image: funkwhale/funkwhale:1.0.1
networks:
- default
depends_on:
- postgres
- redis
command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency=0
environment:
- C_FORCE_ROOT=true
volumes:
- "/mnt/nfs/:/music:ro"
docker exec -it funkwhale_celeryworker_1 /bin/bash
cd /music/folder1/
ls -alh
>-rwxr-xr-x 1 xfs xfs 3.4M Sep 21 13:41 '02 - track1.mp3'
ls -alhn
>-rwxr-xr-x 1 33 33 3.4M Sep 21 13:41 '02 - track1.mp3'
su xfs
>This account is not available
less /etc/passwd | grep xfs
>xfs:x:33:33:X Font Server:/etc/X11/fs:/sbin/nologin
Upvotes: 11
Views: 7716
Answers (2)
Reputation: 1277
Late reply, but maybe it could help somebody else.. The UID:GID for www-data in Debian/Ubuntu doesn't match with the IDs in Alpine:
| user : group | Debian/Ubuntu (uid:gid) | Alpine (uid:gid) |
|---|---|---|
| www-data : www-data | 33 : 33 | 82 : 82 |
| xfs : xfs | - | 33 : 33 |
If your host folder is owned by www-data:www-data (33:33), then inside the Alpine container this uid:gid is going to match with the uid:gid of xfs:xfs and you will have problems with the permissions.
To solve this issue you can change the ownership in the host to 82:82:
$ sudo chown -R 82:82 host_directory
Upvotes: 14
Related Questions
- Docker volumes : specifying permissions using mount options
- File permission in docker container with volume mount
- Docker chown doesn't work for www-data user, permissions aren't changing
- Docker: file permissions with --volume bind mount
- Docker file permissions mismatch between host dir and container using bind-mount
- Volume inside another volume use www-data instead of root
- Local docker volume with write permission from www-data
- Docker not mounting host files
- Docker: Permissions for a mounted volume
- Docker Volumes mounting issue