OS X: version 10.11.3 (build: 15D21)
Docker.app: version v1.11.0-beta7
Running diagnostic tests:
[OK] docker-cli
[OK] Moby booted
[OK] driver.amd64-linux
[OK] vmnetd
[OK] osxfs
[OK] db
[OK] slirp
[OK] menubar
[OK] environment
[OK] Docker
[OK] VT-x
Docker logs are being collected into /tmp/20160417-115851.tar.gz
Most specific failure is: No error was detected
Your unique id is: 47779643-9B0A-41C6-A6C3-B95D1BDD5CF6
Steps to reproduce the behavior
docker run -d -p 80:80 -v /hostDataFolder:/var/lib/mysql mysql:5.6
output:
chown: changing ownership of ‘/var/lib/mysql/…’: Permission denied
I tried using privileged and cap-add all, but no difference, so maybe something to do with the new way the host shares are handled.
What specifically is /hostDataFolder? Which user owns that directory? Docker for Mac runs primarily as your user even when sharing the host file system so if the directory being shared is not owned by the user/group that started the Docker for Mac application, changing ownership will fail.
I could not reproduce your exact error but see
$ docker run --rm -e MYSQL_ALLOW_EMPTY_PASSWORD=1 -v `pwd`/foo:/var/lib/mysql mysql:5.6
Initializing database
FATAL ERROR: Could not chown directory /var/lib/mysql//mysql
when the empty `pwd`/foo is owned by root.
Please, keep in mind that the Docker for Mac Beta is not yet production-grade software and data loss may occur. I recommend keeping backups of any important data that you use with Docker for Mac. With that said, we very much appreciate your reports and look forward to more in the future. If the ownership of the host directory is not the cause of the fault, we would be happy to debug further.
Thanks for participating in the Docker for Mac Beta!
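The ownership condition described in the reply above can be checked on the host before starting the container. The following is an added example, not part of the original thread and not Docker tooling; the function names are hypothetical, and it assumes a POSIX shell with find, wc and tr available.

```shell
#!/bin/sh
# Added example: preflight check for a bind-mount source directory.
# Function names are hypothetical; nothing here is part of Docker.
# Caveat: counting is line-based, so file names containing newlines
# are over-counted.

# Print every entry under DIR (DIR included) not owned by WANT_UID.
list_not_owned_by() {
    want_uid=$1
    dir=$2
    # POSIX find treats a numeric -user argument as a uid when no
    # account of that name exists.
    find "$dir" ! -user "$want_uid" -print 2>/dev/null
}

# Print the number of such entries, without the padding BSD wc adds.
count_not_owned_by() {
    list_not_owned_by "$1" "$2" | wc -l | tr -d ' '
}

# Return 0 when everything under DIR belongs to the given uid
# (default: the invoking user), 1 when something does not,
# 2 when DIR is not a directory.
check_bind_source() {
    dir=$1
    uid=${2:-$(id -u)}
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    n=$(count_not_owned_by "$uid" "$dir")
    if [ "$n" -gt 0 ]; then
        echo "$n entries under $dir are not owned by uid $uid:" >&2
        list_not_owned_by "$uid" "$dir" | head -n 5 >&2
        echo "a chown issued inside the container may be refused" >&2
        return 1
    fi
    return 0
}

# Usage (path is a placeholder):
#   check_bind_source /path/to/hostDataFolder && docker run ...
```

A passing check only rules out the ownership cause named in the reply; it does not show that the container's chown will succeed.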
Not sure how we should deal with this. Some apps require special permissions and ownership (postgresql for example needs to be owned by the postgresql user) and change these at runtime.
The permissions on OS X are not mapped into containers in Docker for Mac Beta. Currently, we use a simplified permissions model where user and group ownership is squashed to the requesting uid/gid in the container. In the near future, we will move to a model where container permissions are persisted in parallel to OS X file system permissions.
If you change the permissions on the host to a uid/gid that your user account has rights to modify, does it work?
Finally, we don’t currently support [f]stat[v]fs syscalls into bind mounted directories so PostgreSQL may fail to run if it demands answers about the volume via those calls. Support for this use case will be shipped soon.
This has always been a pain. Saying this, I don’t think I have a better idea how to improve.
Would it be possible to set some bind options for mounted volumes and host folders something like:
docker run --rm -e MYSQL_ALLOW_EMPTY_PASSWORD=1 -v /foo:/var/lib/mysql -vg 1100:666 -vg 1200:555 -vu 1300:777
meaning any file or folder with
gid in the host 1100 will be a gid of 666 in the container
gid in the host 1200 will be a gid of 555 in the container
uid in the host 1300 will be a uid of 666 in the container
If possible, wouldn’t this eliminate the problem?
Tried your suggestion and changed the owner and group to my own user, but still fails with the same error
I even did sudo chmod -R 777 and still the same error
privileged and cap_add ALL
also didn’t help
mysql and postgresql handle the permissions the same way - entrypoint script which runs chmod …
the only difference is that postgresql will refuse to start unless correct owner is set