Issue - 403 Forbidden - 13: Permission denied - Nginx

General
,
1

Hi,

I am trying to build a basic Dockerfile using nginx.

Here is the docker file:

FROM nginx:alpine
COPY src/html /usr/share/nginx/html

# Documentation
# EXPOSE 80

CMD ["nginx", "-g", "daemon off;"]

Folder Structure is fine:

image
image717×965 58.2 KB

And I can build the image out of the Dockerfile

root@Synology:/volume2/V2/Docker/VisualStudio-Projects/ngnix# docker build -t css-redmedia .
Sending build context to Docker daemon  9.346MB
Step 1/3 : FROM nginx:alpine
alpine: Pulling from library/nginx
59bf1c3509f3: Already exists
8d6ba530f648: Pull complete
5288d7ad7a7f: Pull complete
39e51c61c033: Pull complete
ee6f71c6f4a8: Pull complete
f2303c6c8865: Pull complete
Digest: sha256:da9c94bec1da829ebd52431a84502ec471c8e548ffb2cedbf36260fd9bd1d4d3
Status: Downloaded newer image for nginx:alpine
 ---> bef258acf10d
Step 2/3 : COPY src/html /usr/share/nginx/html
 ---> 85cd46bb8497
Step 3/3 : CMD ["nginx", "-g", "daemon off;"]
 ---> Running in 3e8236e8d600
Removing intermediate container 3e8236e8d600
 ---> ec05c7e79f19
Successfully built ec05c7e79f19
Successfully tagged css-redmedia:latest

And I can build the container using image and it’s running:

image
image1309×84 10.6 KB

However, once I try to get the nginx, it’s failing with permission issue per the logs:

today at 3:11:16 PM172.17.0.1 - - [26/Feb/2022:20:11:16 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36" "-"

today at 3:11:16 PM2022/02/26 20:11:16 [error] 35#35: *2 open() "/usr/share/nginx/html/index.html" failed (13: Permission denied), client: 172.17.0.1, server: localhost, request: "GET / HTTP/1.1", host: "10.0.12.16:8765"

Showing error 403 Forbidden

image
image1141×221 5.42 KB

Any ideas what I am missing here?

Note: Running Docker on Synology DSM

Thanks!

2

Make sure your index.html is copied into the image and the user inside the container has permisison to read it. If the owner of the files on the host was different than the user inside the container and the file could be read only by the owner you need to change the owner during build (COPY --chown=<userid>[:<groupid>] src dst) or make the files readable by anyone.

1 Like
3

Thanks for the response!

in the first screenshot in the dockefile image, you can see the index.html is there.

The user created the files is the same.

I have “everyone” with read permission enabled as well.

root@Synology:/volume2/V2/Docker/VisualStudio-Projects/ngnix# ls -l
total 4
-rwxr-xr-x+ 1 anas users 143 Feb 26 18:20 Dockerfile
drwxr-xr-x+ 1 anas users   8 Feb 26 12:28 src

I just rebuilt the dockerfile image and ran the container after making sure “Everyone” has access to read to the files

Using root as sudo su -

root@Synology:/$ docker run -d -p 8765:80 --name=ngnix-homemade-container d83efa415819

or

Using user with sudo

anas@Synology:/$ sudo docker run -d -p 8765:80 --name=ngnix-homemade-container d83efa415819

Both worked fine now!

I think that is it.

Thanks for the hint/help!!!