10

I have a problem with creating new files in mounted docker volume.

Firstly after installation docker i added my user to docker group.

sudo usermod -aG docker $USER

Created as my $USER folder:

mkdir -p /srv/redis

And starting container:

docker run -d -v /srv/redis:/data --name myredis redis

when i want to create file in /srv/redis as a user which created container I have a problem with access.

mkdir /srv/redis/redisTest
mkdir: cannot create directory ‘/srv/redis/redisTest’: Permission denied

I tried to search in other threads but i didn't find appropriate solution.

moviss
  • 179
  • 1
  • 2
  • 12

3 Answers3

12

The question title does not reflect the real problem in my opinion.

mkdir /srv/redis/redisTest
mkdir: cannot create directory ‘/srv/redis/redisTest’: Permission denied

This problem occurs very likely because when you run:

docker run -d -v /srv/redis:/data --name myredis redis

the directory /srv/redis ownership changes to root. You can check that by

ls -lah /srv/redis

This is normal consequence of mounting external directory to docker. To regain access you have to run

sudo chown -R $USER /srv/redis
stbnrivas
  • 633
  • 7
  • 9
biocyberman
  • 5,675
  • 8
  • 38
  • 50
  • 1
    Seems like chown works, but is it secure to chown directory which redis container save his files ? – moviss Nov 09 '17 at 10:12
  • @moviss To answer your question. When you run docker again on the volume, some files may get re-chowned to root again, or the application therein (i.e. redis) may even fail because of wrong ownership. So it is a dilemma that I don't have a perfect answer. But you may want to study this docker setup on github that I contributed to, where you can run docker with none-root user. It may give you some ideas: https://github.com/broadinstitute/viral-ngs-deploy/blob/master/docker. Take close look at Dockerfile and env_wrapper.sh where I used `gosu` – biocyberman Nov 09 '17 at 10:36
2

This could also be related (as I just found out) to having SELinux activated. This answer on the DevOps Stack Exchange worked for me:

The solution is to simply append a :z to the [docker] run volume argument so that this:

docker run -v /host/foobar:/src_dir /bin/bash

becomes this:

docker run -it -v /host/foobar:/src_dir:z /bin/bash

Dologan
  • 4,554
  • 2
  • 31
  • 33
1

I think /srv/redis/redisTest directory is created by user inside redis container, so it belong to redis container user.

Have you already check using ls -l to see that /srv/redis/redisTest directory belong to $USER?

kenorb
  • 155,785
  • 88
  • 678
  • 743
Fendi jatmiko
  • 2,567
  • 1
  • 9
  • 15
  • I want to create directory outside of container :P – moviss Nov 09 '17 at 10:12
  • yea .. but when you mount it that way, the directory under /srv/redis/ would be created automatically by the container. . like @biocyberman said. .its very likely that directory belong to root inside redis container.. even if you created it manually – Fendi jatmiko Nov 09 '17 at 15:38