Phusion Passenger and Docker-Compose Issue with Permissions

I am encountering a permissions issue when running docker-compose and Phusion Passenger’s docker image.

Specifically, the error is:
Permission denied @ rb_sysopen - /var/www/my_app/tmp/.....

  • Docker complains about invalid certificate after update to v1.7.0
  • Interactive command-line application in a Docker container
  • Docker Weave and WeaveDNS issues
  • Docker - A clean tomcat image
  • How can I curl 127.0.0.1/8000 while django development server is running?
  • Node.js cluster module cannot use all the cpu cores when running inside docker container
  • My docker-compose.yml file contains the following information:

    happy_passenger:
      build: .
      container_name: happy_passenger
      ports:
        - "80:80"
      volumes:
        - .:/var/www/my_app
      links:
       - redis
    redis:
      container_name: my_redis
      image: redis
      ports:
        - "6379:6379"
    

    When running docker-compose up, the application loads, but then I am met with the Permission denied @ rb_sysopen error.


    My Dockerfile is relatively straight-forward too:

    # Dockerfile
    
    FROM phusion/passenger-ruby21:0.9.17
    MAINTAINER meoww- "none@none.com"
    
    # Set correct environment variables.
    ENV HOME /root
    
    # Initialize "in production"
    ENV RAILS_ENV production
    
    # Use baseimage-docker's init process.
    CMD ["/sbin/my_init"]
    
    # Turn on Nginx
    RUN rm -f /etc/service/nginx/down
    
    # Remove the default site that comes with Nginx
    RUN rm /etc/nginx/sites-enabled/default
    
    ADD nginx.conf /etc/nginx/sites-enabled/my_app.conf
    
    WORKDIR /tmp
    ADD Gemfile /tmp/
    ADD Gemfile.lock /tmp/
    RUN bundle install
    
    ADD . /var/www/my_app
    RUN chown -R app:app /var/www/my_app
    
    # Clean up APT when done.
    RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
    

    Troubleshooting

    1. When I modify my docker-compose.yml file and remove the volumes: block, I am able to view my application. Unfortunately, if I don’t have a volumes: block, then I am required to rebuild the docker image after every code change that I make. So that option will not work.

    2. I noticed that when the application starts, I’m seeing a permissions error too:

    App 66 stderr: Rails Error: Unable to access log file. Please ensure that /var/www/my_app/log/development.log exists and is writable (ie, make it writable for user and group: chmod 0664 /var/www/my_app/log/development.log)

    Per the error above (#2), I tried adding a RUN chmod -R 0664 /var/www/my_app to my Dockerfile and removing + rebuilding everything (e.g. docker rmi [image], then docker-compose up which rebuilt my image). This didn’t seem to have any impact on this issue.


    At this point, I’m inclined to think that there’s something wrong with the way I’m setting up the docker-compose read-write permissions, but I am not finding any clear documentation on what I need to change.

    Any advice would be appreciated.

    Thanks in advance.

  • MongoDB & Docker: connections from Dockerized Mongo client to external server refused
  • Using Docker for Drupal Dev (Local)
  • What server URL should one provide for TeamCity agent in Docker?
  • How best to use docker in this situation
  • Docker confusion
  • Using docker to compose a remote image with a local code base for *development*
  • One Solution collect form web for “Phusion Passenger and Docker-Compose Issue with Permissions”

    It appears that the issue is a bug with boot2docker and how it mounts volumes on OSX. First, I ran the command docker inspect happy_passenger. This gave me the following information about my volume:

    "Mounts": [
        {
            "Source": "/Users/meow/test/www/demodocker",
            "Destination": "/var/www/my_app",
            "Mode": "rw",
            "RW": true
        }
    ],
    

    The volume was showing up in docker as Read/Write (R/W) enabled. Under normal circumstances, this would indicate that I should be able to use a mounted volume and write to the file system. However, since a bug exists with the R/W permissions, I was encountering various errors due to the fact that the permissions were wrong. Even running chmod -R 777 . on the shared and host directories did not fix the issue

    To fix this, I did the following:

    In my dockerfile

    # Dockerfile
    
    FROM phusion/passenger-ruby21:0.9.17
    MAINTAINER meoww- "none@none.com"
    
    # Hack to get around the boot2docker issue.
    RUN usermod -u 1000 app
    RUN usermod -G staff app
    

    After adding the two commands RUN usermod -u 1000 app and RUN usermod -G staff app I was able to successfully load up my containerized application when using docker-compose up.

    Hope this helps someone fix their docker permission errors/docker mounted volume bug.

    Also, here’s a link to the issue in Github:

    https://github.com/boot2docker/boot2docker/issues/581

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.