Docker Container Volume Not Writable

By jwow ⋅ 4024-12-14 Sat 00:15 ⋅ docker, programming

Say you clone a repo, you run docker-compose up, it pulls down packages, and you finally visit the app on localhost.

And then disaster strikes–500 errors. It turns out some directory isn't writable from the app. In my case, codeigniter needed to write a cache file to the mounted volume.

tl;dr

tl;dr the remedy I used was to

Shell into the container: docker exec <container-name> -it sh

Once you're inside the container like this, I was root in the subvolume. You can run the rest of the commands from the container. Of course, you can do it outside of the container too.

(Note this doesn't always work because not all containers will have a shell–but they usually do.)
Find the user running the process in question (read thru the docker entrypoint file of the container)
```
# this lists the user who owns the process on the left-most column
ps aux | grep <program-name>
```
If ps isn't installed, this might not work, in which case you can read docs on what the user would be by looking through the dockerfile for the image of the container. You can also cat /etc/passwd if that helps you narrow things down.
Find what group the user was in, and set the group for all files recursively
```
id <user-name>
```
Should return something like uid=33(http) gid=33(http) groups=33(http)

Change the group for your repository

chgrp -R <group-name> /path/to/subvolume

Set the rwx group permissions
```
chmod g+rwx /path/to/subvolume
```

And then I had no errors!

Interestingly I had a user called http since I run apache2 (also called httpd) outside container. And in the container had a user called www-data. When I ran ls -la from my host machine, I saw the group was http. When I ran the same command inside the container, I saw the group was www-data, which was interesting.

Anyway, hope this helped.

(FWIW I don't remember having this problem on mac, so this might be something you tend to run into while in linux.)