Php: Application can't write files
Docker version 1.11.0, build 4dc5990
docker-compose version 1.7.0, build 0d7bf73
docker-machine version 0.7.0, build a650a40
My Laravel application is unable to write to files locally, throwing a permission denied. From inside the fpm container the files are coming through as...
file_put_contents(/var/www/html/storage/framework/views/4ba75c40a965a58a87ad4566cb6476db1f1314e9.php): failed to open stream: Permission denied
-rwxrwxrwx 1 1000 50 552 Apr 12 01:57 .env.example
-rwxrwxrwx 1 1000 50 797 Apr 12 01:58 .env
-rwxrwxrwx 1 1000 50 647 Apr 15 21:02 docker-compose.yml
drwxr-xr-x 1 1000 50 1224 Apr 15 21:02 .
drwxr-xr-x 1 1000 50 646 Apr 15 23:09 config
drwxr-xr-x 5 root root 4096 Apr 16 00:03 ..
drwxr-xr-x 1 1000 50 544 Apr 16 00:09 .git
drwxr-xr-x 1 1000 50 442 Apr 16 00:10 .idea
I understand there are known issues with volume permissions in Docker, but I"m wondering if there's any workaround for this? I've tried several steps but haven't gotten this to a point where I'm able to work on this locally.
Dockerfile
FROM php:7-fpm-alpine
# add the application to the container
ADD . /var/www/html
# install extensions needed for Laravel
RUN apk update \
&& apk add libmcrypt-dev \
&& docker-php-ext-install mcrypt pdo_mysql \
&& chown -R www-data:www-data /var/www/html \
&& rm /var/cache/apk/*
docker-compose
version: '2'
services:
fpm:
build:
context: .
dockerfile: containers/fpm/Dockerfile
image: me/project:fpm
env_file: .env
volumes:
- ./:/var/www/html
web:
image: nginx:1.9-alpine
volumes_from:
- fpm
volumes:
- ./containers/nginx/vhost.conf:/etc/nginx/conf.d/default.conf
ports:
- "80:80"
bkuhl
All 8 comments
Looks like your running on OSX or Windows. Since the fpm process runs as www-data in the container it does not have access to file that you mount form the host since they are owned by 1000:50. The easiest way to work around it would be to change the uid/gif of www-data to match the ownership of the files. Since you already have a Dockerfile, you can just add a RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:50:/' /etc/passwd to adjust it.
yosifkit
on 18 Apr 2016
I added but I couldn't make it work
# Tomado parcialmente de https://github.com/mglaman/docker-php-bcmath/blob/master/7/Dockerfile
# y de https://medium.com/@shakyShane/laravel-docker-part-1-setup-for-development-e3daaefaf3c
# Puede tener errores.
# Puede que xdebug no funcione correctamente.
FROM php:5.6-fpm
RUN apt-get update && apt-get install -y libmcrypt-dev mysql-client git zip unzip libxml2-dev \
&& docker-php-ext-install pdo_mysql
RUN docker-php-ext-install bcmath mysqli mbstring opcache soap
# RUN pecl install mcrypt-1.0.1
# RUN docker-php-ext-enable mcrypt
# Setup xdebug
# RUN pecl install xdebug-beta && docker-php-ext-enable xdebug
# Install APCu
# RUN pecl install apcu && docker-php-ext-enable apcu
# Esto se agregó de aquà https://hub.docker.com/_/php/
RUN apt-get update && apt-get install -y \
libfreetype6-dev \
libjpeg62-turbo-dev \
libpng-dev \
&& docker-php-ext-install -j$(nproc) iconv \
&& docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \
&& docker-php-ext-install -j$(nproc) gd
ENV COMPOSER_ALLOW_SUPERUSER=1
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
WORKDIR /var/www
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:50:/' /etc/passwd
andreshg112
on 21 Jan 2019
Simpler and more readable is usermod -u 1000 www-data
ghost
on 24 Jan 2019
@yosifkit Seems like your solution does not work on latest alpine anymore. Do you know how to achieve this now on OSX?
Flyrell
on 26 Feb 2019
These days you should simply use --user / user: instead.
tianon
on 26 Feb 2019
@tianon can you please elaborate a bit more? I'm not sure what do you mean.
I'm running php-fpm and nginx, I need to make php-fpm writable, but it has no permissions.
My docker-compose.yml:
version: "3"
volumes:
app:
external: true
services:
mysql:
image: mysql:8.0
command: --default-authentication-plugin=mysql_native_password
restart: always
expose:
- 3306
environment:
MYSQL_ROOT_PASSWORD: root
php:
build: build/php
expose:
- 9000
volumes:
- app:/var/www:rw,cached
depends_on:
- mysql
nginx:
image: nginx:1.15-alpine
ports:
- 8080:80
- 8443:443
volumes:
- ./build/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- app:/var/www:rw,cached
depends_on:
- php
environment:
- NGINX_HOST=localhost
- NGINX_PORT=80
I'm using docker-sync with unison for syncing.
I tried adding the permissions for www-data user, but nothing has changed
RUN chmod -R 775 /var/www && \
chown -R www-data:www-data /var/www
RUN apk --no-cache add shadow && umask 775 /var/www
I mean you should be able to use user: 1000:1000 (adjusting 1000 as necessary) to run PHP directly as whatever user has access to your files.
tianon
on 27 Feb 2019
I'm sorry. The problem was incorrectly configured sync_userid in
docker-sync.
On Wed, Feb 27, 2019, 01:14 Tianon Gravi notifications@github.com wrote:
I mean you should be able to use user: 1000:1000 (adjusting 1000 as
necessary) to run PHP directly as whatever user has access to your files.—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/docker-library/php/issues/222#issuecomment-467669102,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ASpRkKpT-q9PLEtwrOxOYEb7HlgRyljLks5vRc3ngaJpZM4IIysh
.
Flyrell
on 27 Feb 2019
Related issues
PMExtra
·
3Comments
nojimage
·
3Comments
dhoeric
·
4Comments
sanjay-rakholiya
·
3Comments
cmath10
·
3Comments
Most helpful comment
Looks like your running on OSX or Windows. Since the fpm process runs as
www-datain the container it does not have access to file that you mount form the host since they are owned by1000:50. The easiest way to work around it would be to change the uid/gif ofwww-datato match the ownership of the files. Since you already have a Dockerfile, you can just add aRUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:50:/' /etc/passwdto adjust it.