How to avoid permission deny with uid/gid 1000 after mount volume with docker?

I am working on Docker version 1.12.5 with Fedora.

I try to create a Mongodb container with following command:

  • Enable to run Docker command error
  • Run dockerd as with non-default group in centos6 as a service?
  • Populate cassandra after Docker-compose finishes
  • Docker make .sh executable and run it
  • Connect to mongo docker with authentication from other docker (node)
  • Service X mounts volumes from Y, which is not the name of a service or container
  • sudo docker run -v $PWD/db:/data/db -p 27017:27017 --name db -it username/mongo /bin/bash

    Here is the response after I start mongodb:

    # mongod
    root@32c9349a75b8:/# mongod
    2016-12-26T09:59:08.643+0000 I CONTROL  [initandlisten] MongoDB starting : pid=10 port=27017 dbpath=/data/db 64-bit host=32c9349a75b8
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] db version v3.4.1
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] git version: 5e103c4f5583e2566a45d740225dc250baacfbd7
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] OpenSSL version: OpenSSL 1.0.2g  1 Mar 2016
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] allocator: tcmalloc
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] modules: none
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] build environment:
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten]     distmod: ubuntu1604
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten]     distarch: x86_64
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten]     target_arch: x86_64
    2016-12-26T09:59:08.644+0000 I CONTROL  [initandlisten] options: {}
    2016-12-26T09:59:08.646+0000 I STORAGE  [initandlisten] exception in initAndListen: 20 Attempted to create a lock file on a read-only directory: /data/db, terminating
    2016-12-26T09:59:08.646+0000 I NETWORK  [initandlisten] shutdown: going to close listening sockets...
    2016-12-26T09:59:08.646+0000 I NETWORK  [initandlisten] shutdown: going to flush diaglog...
    2016-12-26T09:59:08.646+0000 I CONTROL  [initandlisten] now exiting
    2016-12-26T09:59:08.646+0000 I CONTROL  [initandlisten] shutting down with code:100

    I checked the file permission of /data/db:

    root@32c9349a75b8:/data# ls -al 
    total 4
    drwxr-xr-x.  3 root root   16 Dec 26 03:15 .
    drwxr-xr-x. 23 root root  266 Dec 26 09:59 ..
    drwxrwxr-x.  2 1000 1000 4096 Dec 25 16:24 db

    If I just use mkdir to create the directory without mount it with a volume, the owner and group of ‘/db’ will be root, I don’t why the uid and gid are 1000 only after I try -v with docker run command. How can I fix it?

  • docker: Can't use ls in mount directory
  • Docker run command overhead
  • Packer shell provisioning hangs when building Docker container
  • What is the canonical way to see if an image exists in the docker public registry?
  • Dockerfile: understanding VOLUME instruction
  • Docker/Jupyter notebook setting Base URL
  • One Solution collect form web for “How to avoid permission deny with uid/gid 1000 after mount volume with docker?”

    The permission of the volume mount is the permission of the directory web you do a host volume (to a directory on the host). Fixing the permissions on this folder on the host itself resolves the issue.

    Preferably, you can use a named volume instead of a host directory. Docker will maintain the volume and initial contents and the contained permissions will be copied from the image with this type of volume.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.