5
Wack
6y

Question about permission in `docker-compose`

So far, I've usually used vagrant for local dev. It was nice, as I was able to specify `wack:wack` as owner of all files. However with docker compose, if I connect with exec and use `/bin/bash` I'm logged in as `root`. When I then run composer, it kind of fucks with the file permissions, as after it all new files are owned by root and thus can't be edited with an ide on the "host" system.

One hack that I found suggested creating an user and a group with same uid as on the host and use that instead of root. This just doesn't sound right to me. Any advice on how to handle this situation?

Comments
  • 1
    We run docker on our machines (mac os), but we never faced this kind of problem :/
    I'll follow the topic to see how to solve it, in case I will find myself in the same situation.
  • 1
    @CoffeeNcode I guess you're refering to this section: "Manage Docker as a non-root user", right? I did that but the issue still is, that when I enter the bash in the container, I'm logged in there as root, which inturn causes files generated by the container and synced to the host by the volume to be owned by root.
  • 1
    @Wack you want to specify which user runs in the container. Do that in the docker-composer.yml file like this:

    version: '3.3'
    services:
    rspec:
    image: my-docker/my-build-environment:latest
    environment:
    - RAILS_ENV=test
    command: ["make", "assets"]

    # LIKE THIS:
    user: ${CURRENT_UID}
    volumes:
    - .:/app
  • 1
    @lucaspar I'm currently out, but that sounds like what I need, I'll definetivly look into this! Do I need to specify this for all containers in my docker-compose.yml file, or is there like a global option for it?
  • 1
    @Wack you'll need to do that for every service you have described in the .yml, that is, every one you don't want to run as root. But once you do that you can just "docker-compose up" it from then on.

    Edit: In your case just the services that write the files you're having permission issues should solve it.
Add Comment