Docker mounting volume. Permission denied

Question

I have a problem with creating new files in mounted docker volume.

Firstly after installation docker i added my user to docker group.

sudo usermod -aG docker $USER

Created as my $USER folder:

mkdir -p /srv/redis

And starting container:

docker run -d -v /srv/redis:/data --name myredis redis

when i want to create file in /srv/redis as a user which created container I have a problem with access.

mkdir /srv/redis/redisTest
mkdir: cannot create directory ‘/srv/redis/redisTest’: Permission denied

I tried to search in other threads but i didn't find appropriate solution.

what is the user you are trying to run `mkdir redisTest`? and to what groups it belongs? — DevDio, Nov 09 '17 at 08:54
User which created redis container, which is in group docker @DevDio i edited the mkdir path — moviss, Nov 09 '17 at 08:55

score 12 · Accepted Answer · edited Feb 08 '19 at 04:04

12

The question title does not reflect the real problem in my opinion.

mkdir /srv/redis/redisTest
mkdir: cannot create directory ‘/srv/redis/redisTest’: Permission denied

This problem occurs very likely because when you run:

docker run -d -v /srv/redis:/data --name myredis redis

the directory /srv/redis ownership changes to root. You can check that by

ls -lah /srv/redis

This is normal consequence of mounting external directory to docker. To regain access you have to run

sudo chown -R $USER /srv/redis

edited Feb 08 '19 at 04:04

stbnrivas

633
7
9

answered Nov 09 '17 at 09:32

biocyberman

5,675
8
38
50

1

Seems like chown works, but is it secure to chown directory which redis container save his files ? – moviss Nov 09 '17 at 10:12
@moviss To answer your question. When you run docker again on the volume, some files may get re-chowned to root again, or the application therein (i.e. redis) may even fail because of wrong ownership. So it is a dilemma that I don't have a perfect answer. But you may want to study this docker setup on github that I contributed to, where you can run docker with none-root user. It may give you some ideas: https://github.com/broadinstitute/viral-ngs-deploy/blob/master/docker. Take close look at Dockerfile and env_wrapper.sh where I used `gosu` – biocyberman Nov 09 '17 at 10:36

score 2 · Answer 2 · answered May 04 '22 at 17:28

This could also be related (as I just found out) to having SELinux activated. This answer on the DevOps Stack Exchange worked for me:

The solution is to simply append a :z to the [docker] run volume argument so that this:

docker run -v /host/foobar:/src_dir /bin/bash

becomes this:

docker run -it -v /host/foobar:/src_dir:z /bin/bash

score 1 · Answer 3 · edited Feb 23 '19 at 19:49

1

I think /srv/redis/redisTest directory is created by user inside redis container, so it belong to redis container user.

Have you already check using ls -l to see that /srv/redis/redisTest directory belong to $USER?

edited Feb 23 '19 at 19:49

kenorb

155,785
88
678
743

answered Nov 09 '17 at 09:22

Fendi jatmiko

2,567
1
9
15

I want to create directory outside of container :P – moviss Nov 09 '17 at 10:12
yea .. but when you mount it that way, the directory under /srv/redis/ would be created automatically by the container. . like @biocyberman said. .its very likely that directory belong to root inside redis container.. even if you created it manually – Fendi jatmiko Nov 09 '17 at 15:38

Docker mounting volume. Permission denied

3 Answers3