Home > Mobile >  How do I assign permissions in for the user in Docker?
How do I assign permissions in for the user in Docker?

Time:06-06

I am trying to run my DjangoRestFramework project in Docker. This is my deployment script and I am trying to check on my local machine before deploying to the Remote machine. I am able to successfully build the container using

docker-compose -f docker-compose-deploy.yml build

But when I try to run docker-compose -f docker-compose-deploy.yml up I get a PermissionError: [Errno 13] Permission denied. These are the details

Operating System : Windows 10

Dockerfile

FROM python:3.9.13-alpine3.16
LABEL maintainer="[email protected]"

ENV PYTHONUNBUFFERED 1

COPY ./requirements.txt /requirements.txt
COPY ./app /app
COPY ./scripts /scripts

WORKDIR /app
EXPOSE 8000

RUN python -m venv /py && \
  /py/bin/pip install --upgrade pip && \
  apk add --update --no-cache postgresql-client && \
  apk add --update --no-cache --virtual .tmp-deps \
      build-base postgresql-dev musl-dev linux-headers && \
  /py/bin/pip install -r /requirements.txt && \
  apk del .tmp-deps && \
  adduser --disabled-password --no-create-home app && \
  mkdir -p /vol/web/static && \
  mkdir -p /vol/web/media && \
  chown -R app:app /vol && \    
  chmod -R 755 /vol && \
  chmod -R  x /scripts

ENV PATH="/scripts:/py/bin:$PATH"

USER app

CMD ["run.sh"]

This is my docker-compose.yml file

version: "3.9"

services:
  app:
    build:
      context: .
    restart: always
    volumes:
      - static-data:/vol/web
    environment:
      - DB_HOST=db
      - DB_NAME=${DB_NAME}
      - DB_USER=${DB_USER}
      - DB_PASS=${DB_PASS}
      - SECRET_KEY=${SECRET_KEY}
      - ALLOWED_HOSTS=${ALLOWED_HOSTS}
    depends_on:
      - db

  db:
    image: postgres:13-alpine
    restart: always
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=${DB_NAME}
      - POSTGRES_USER=${DB_USER}
      - POSTGRES_PASSWORD=${DB_PASS}

  proxy:
    build:
      context: ./proxy
    restart: always
    depends_on:
      - app
    ports:
      - 80:8000
    volumes:
      - static-data:/vol/static

volumes:
  postgres-data:
  static-data:

This is the stack-trace of the error

app_1    | Traceback (most recent call last):
app_1    |   File "/app/manage.py", line 22, in <module>
app_1    |     main()
app_1    |   File "/app/manage.py", line 18, in main
app_1    |     execute_from_command_line(sys.argv)
app_1    |   File "/py/lib/python3.9/site-packages/django/core/management/__init__.py", line 419, in execute_from_command_line
app_1    |     utility.execute()
app_1    |   File "/py/lib/python3.9/site-packages/django/core/management/__init__.py", line 413, in execute
app_1    |     self.fetch_command(subcommand).run_from_argv(self.argv)
app_1    |   File "/py/lib/python3.9/site-packages/django/core/management/base.py", line 354, in run_from_argv
app_1    |     self.execute(*args, **cmd_options)
app_1    |   File "/py/lib/python3.9/site-packages/django/core/management/base.py", line 398, in execute
app_1    |     output = self.handle(*args, **options)
app_1    |   File "/py/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py", line 187, in handle
app_1    |     collected = self.collect()
app_1    |   File "/py/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py", line 114, in collect
app_1    |     handler(path, prefixed_path, storage)
app_1    |   File "/py/lib/python3.9/site-packages/django/contrib/staticfiles/management/commands/collectstatic.py", line 348, in copy_file
app_1    |     self.storage.save(prefixed_path, source_file)
app_1    |   File "/py/lib/python3.9/site-packages/django/core/files/storage.py", line 54, in save
app_1    |     name = self._save(name, content)
app_1    |   File "/py/lib/python3.9/site-packages/django/core/files/storage.py", line 260, in _save
app_1    |     os.makedirs(directory, exist_ok=True)
app_1    |   File "/usr/local/lib/python3.9/os.py", line 215, in makedirs
app_1    |     makedirs(head, exist_ok=exist_ok)
app_1    |   File "/usr/local/lib/python3.9/os.py", line 215, in makedirs
app_1    |     makedirs(head, exist_ok=exist_ok)
app_1    |   File "/usr/local/lib/python3.9/os.py", line 215, in makedirs
app_1    |     makedirs(head, exist_ok=exist_ok)
app_1    |   [Previous line repeated 1 more time]
app_1    |   File "/usr/local/lib/python3.9/os.py", line 225, in makedirs
app_1    |     mkdir(name, mode)
app_1    | PermissionError: [Errno 13] Permission denied: '/app/vol'

In my Dockerfile I have specifically given permission for user app for the /vol. What am I missing? How do I solve this issue?

CodePudding user response:

Try organizing your Dockerfile like this:

FROM python:3.9.13-alpine3.16
LABEL maintainer="[email protected]"

ENV PYTHONUNBUFFERED 1

# Create work user
RUN set -x ; \
    addgroup -g 83 -S app ; \
    adduser -u 83 -D -S -G app app && exit 0 ; exit 1 

COPY --chown=app:app ./requirements.txt /requirements.txt
COPY --chown=app:app ./app /app
COPY --chown=app:app ./scripts /scripts

WORKDIR /app
EXPOSE 8000

RUN python -m venv /py && \
  /py/bin/pip install --upgrade pip && \
  apk add --update --no-cache postgresql-client && \
  apk add --update --no-cache --virtual .tmp-deps \
      build-base postgresql-dev musl-dev linux-headers && \
  /py/bin/pip install -r /requirements.txt && \
  apk del .tmp-deps && \
  adduser --disabled-password --no-create-home app && \
  mkdir -p /vol/web/static && \
  mkdir -p /vol/web/media && \
  chown -R app:app /vol && \    
  chmod -R 755 /vol && \
  chmod -R  x /scripts

ENV PATH="/scripts:/py/bin:$PATH"

USER app

CMD ["run.sh"]

To begin, you need to create a user app in your image and copy the files from the host to the container using the --chown option. I also advise you to separate the installation of Python packages from the installation of programs.

CodePudding user response:

Try This

RUN python -m venv /py && \
    /py/bin/pip install --upgrade pip && \
    apk add --update --no-cache postgresql-client && \
    apk add --update --no-cache --virtual .tmp-deps \
        build-base postgresql-dev musl-dev linux-headers && \
    /py/bin/pip install -r /requirements.txt && \
    apk del .tmp-deps && \
    adduser --disabled-password --no-create-home app && \
    mkdir -p /vol/web/static && \
    mkdir -p /vol/web/media && \
    chown -R app:app /app && \              **This has been added**
    chown -R app:app /vol && \
    chmod -R 755 /vol && \
    chmod -R  x /scripts

ENV PATH="/scripts:/py/bin:$PATH"       

USER app

CMD ["run.sh"]
  • Related