Running docker on Ubuntu: mounted host volume is not writable from container
If your uid
on the host (id -u
) isn't the same as the uid
of the user in the docker container (often "docker") then you can have this problem. You can try:
- Making the UIDs the same between your user and the user in the docker container.
- Setting the group permissions on the directory to be writable for a group that both you and docker belong to.
- You could also use the nuclear option:
chmod a+rwx -R project-dir/
The nuclear option will make your git
workspace filthy, which will annoy you greatly, so isn't the best long-term solution. It stops the bleeding tho.
For further understanding the problem, you might find these useful:
- https://github.com/docker/docker/issues/7906
- https://github.com/docker/docker/issues/7198
New answer:
This questions seems to have a lot of traffic and there is better solution available now - fixuid, as the name suggests it's a magic executable to change the container user's uid & gid on container startup (using -u somebody:somebody).
For a more in dept explanation see: https://boxboat.com/2017/07/25/fixuid-change-docker-container-uid-gid/
Old answer:
As of docker version 1.7 you have the option to mount a host directory with permissions to a container using the :Z or :z flags like so:
docker run -v ./api:/usr/src/app:Z
- :z - will add permissions to all containers using label 'svirt_sandbox_file_t'
- :Z - will add permissions only to the current container label
As of docker-compose v1.4.0, you can use it in docker compose like this:
volumes:
- ./api:/usr/src/app:Z
Although I should add I still have some problems with this (see Adding permissions to host directory with docker-compose).
References:
Using Volumes with Docker can Cause Problems with SELinux - http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/
Docker user guide - https://docs.docker.com/engine/userguide/dockervolumes/#volume-labels
Docker-compose release notes for v1.4.0 - https://github.com/docker/compose/releases/tag/1.4.0