Docker file permissions with volumes, Boot2docker and Virtualbox

I am trying to set up an Apache web project locally using Dockerfile and Docker compose on a Mac Yosemite with Boot2docker/Virtualbox. Everything works except for one thing – file permissions on mounted volumes. I need to have some folders writable by PHP and I can’t find a way to change permissions in my build.

This is my Dockerfile:

    FROM ubuntu:latest
    
    RUN apt-get update
    RUN apt-get -y upgrade
    
    # Install apache, PHP, and supplementary programs. curl and lynx-cur are for debugging the container.
    RUN DEBIAN_FRONTEND=noninteractive apt-get -y install apache2 libapache2-mod-php5 php5-mysql php5-gd php-pear php-apc php5-curl curl lynx-cur
    
    # Enable apache mods.
    RUN a2enmod php5
    RUN a2enmod rewrite
    
    # Update the PHP.ini file, enable <? ?> tags and quieten logging.
    RUN sed -i "s/short_open_tag = Off/short_open_tag = On/" /etc/php5/apache2/php.ini
    RUN sed -i "s/error_reporting = .*$/error_reporting = E_ERROR | E_WARNING | E_PARSE/" /etc/php5/apache2/php.ini
    
    # Manually set up the apache environment variables
    ENV APACHE_RUN_USER www-data
    ENV APACHE_RUN_GROUP www-data
    ENV APACHE_LOG_DIR /var/log/apache2
    ENV APACHE_LOCK_DIR /var/lock/apache2
    ENV APACHE_PID_FILE /var/run/apache2.pid
    
    EXPOSE 80
    
    # Update the default apache site with the config we created.
    COPY apache-config.conf /etc/apache2/sites-available/000-default.conf
    
    # By default, simply start apache.
    CMD /usr/sbin/apache2ctl -D FOREGROUND
    

This is /build/docker-compose.yml:

    web:
       build: ../.
       ports:
           - 8080:80
       volumes:
           - ../www:/var/www/site
       links:
           - mysql
    mysql:
       image: mysql:5.6
       ports:
           - 3306:3306/tcp
       restart: on-failure
       environment:
           - MYSQL_ROOT_PASSWORD=demo
           - MYSQL_DATABASE=demo
           - MYSQL_USER=demo
           - MYSQL_PASSWORD=demo
    

I need to have some directories in /var/www/site writable. Have tried various alternatives with chmod and chown but can’t seem to make anything work within the docker container…

The whole project resides within the /Users folder.

Docker inspect on my web container gives me the following mounts:

    "Mounts": [
        {
            "Source": "/Users/[myuser]/Documents/[project]/www",
            "Destination": "/var/www/site",
            "Mode": "rw",
            "RW": true
        },
        {
            "Source": "/mnt/sda1/var/lib/docker/volumes/9018974b47f606c262fc1127a2a9ca6420841ca59a3a064e9adee6a6bfacd70f/_data",
            "Destination": "/var/www",
            "Mode": "rw",
            "RW": true
        },
        {
            "Name": "8105b731c655cdaf53d93c2e78a4a3104d4650b49df5879c2004a2aef3a7d9e0",
            "Source": "/mnt/sda1/var/lib/docker/volumes/8105b731c655cdaf53d93c2e78a4a3104d4650b49df5879c2004a2aef3a7d9e0/_data",
            "Destination": "www",
            "Driver": "local",
            "Mode": "",
            "RW": true
        }
    

So I guess everything is mounted the way it should be? The permissions I can’t seem to get right though.
