Home > OS >  How do I give access to container to have full access for a bind volume
How do I give access to container to have full access for a bind volume

Time:01-15

I have a problem deploying some docker images when I use bind volumes and when I check the logs I see errors like access denied when the docker application try to create a folder. For example the following docker compose create two containers, one for the postgres database and one for the postgres admin panel.

version: '3.7'

services:

  PostgresDB:
    image: postgres    
    environment:
      - POSTGRES_DB=MyDatabase
      - POSTGRES_USER=MyUser
      - POSTGRES_PASSWORD=MyPassword
    volumes: 
      - ./data:/var/lib/postgresql/data
    ports:
      - '5432:5432'

  PostgresDBAdmin:  
    image: dpage/pgadmin4
    environment:
      PGADMIN_DEFAULT_EMAIL: [email protected]
      PGADMIN_DEFAULT_PASSWORD: MyPasword
      PGADMIN_CONFIG_SERVER_MODE: 'False'
    volumes:
       - pgadmin:/var/lib/pgadmin
    ports:
      - "5050:80"

volumes:
    pgadmin:

For the database I use bind volume but for the panel I use normal volume. The application works fine. If I change the panel container to use bind volumes my docker compose file looks like this

version: '3.7'

services:

  PostgresDB:
    image: postgres    
    environment:
      - POSTGRES_DB=MyDatabase
      - POSTGRES_USER=MyUser
      - POSTGRES_PASSWORD=MyPassword
    volumes: 
      - ./data:/var/lib/postgresql/data
    ports:
      - '5432:5432'

  PostgresDBAdmin:  
    image: dpage/pgadmin4
    environment:
      PGADMIN_DEFAULT_EMAIL: [email protected]
      PGADMIN_DEFAULT_PASSWORD: MyPasword
      PGADMIN_CONFIG_SERVER_MODE: 'False'
    volumes:
       - ./pgadmin:/var/lib/pgadmin
    ports:
      - "5050:80"

This will have as a result the panel container to fail because of directory permission problem. The generated error log looks like this

PostgresDBAdmin_1  | ERROR  : Failed to create the directory /var/lib/pgadmin/sessions:
PostgresDBAdmin_1  |            [Errno 13] Permission denied: '/var/lib/pgadmin/sessions'
PostgresDBAdmin_1  | HINT   : Create the directory /var/lib/pgadmin/sessions, ensure it is writeable by
PostgresDBAdmin_1  |          'pgadmin', and try again, or, create a config_local.py file
PostgresDBAdmin_1  |          and override the SESSION_DB_PATH setting per
PostgresDBAdmin_1  |          https://www.pgadmin.org/docs/pgadmin4/6.18/config_py.html
PostgresDBAdmin_1  | Traceback (most recent call last):
PostgresDBAdmin_1  |   File "/pgadmin4/pgadmin/setup/data_directory.py", line 82, in create_app_data_directory
PostgresDBAdmin_1  |     _create_directory_if_not_exists(config.SESSION_DB_PATH)
PostgresDBAdmin_1  |   File "/pgadmin4/pgadmin/setup/data_directory.py", line 20, in _create_directory_if_not_exists
PostgresDBAdmin_1  |     os.mkdir(_path)
PostgresDBAdmin_1  | PermissionError: [Errno 13] Permission denied: '/var/lib/pgadmin/sessions'

This kind of problem is rare and I try to find a way to give access to the container to create the directory but I did not find a way to do it. The reason that I want to be able to use bind volumes is because in cases like NopCommerce it makes easier for me to have access to the files in order to create a theme.

Can someone help me to solve this problem?

CodePudding user response:

The pgadmin container process runs under a user with UID 5050.

That user needs to have access to the ./pgadmin directory on the host.

One way to do that is to create a user on the host with that UID and make it a member of a group that has access to the ./pgadmin directory.

If, for instance, ./pgadmin is owned by you and your group that are both called 'pitaridis', then you can create a user called 'pgadmin' like this

sudo adduser --system --no-create-home --uid 5050 --ingroup pitaridis --shell /usr/sbin/nologin pgadmin

Then the container process can access ./pgadmin and create the files that it needs.

Another way that may be easier but is less secure, is to run the container as root, like this:

  PostgresDBAdmin:  
    image: dpage/pgadmin4
    environment:
      PGADMIN_DEFAULT_EMAIL: [email protected]
      PGADMIN_DEFAULT_PASSWORD: MyPasword
      PGADMIN_CONFIG_SERVER_MODE: 'False'
    volumes:
       - ./pgadmin:/var/lib/pgadmin
    ports:
      - "5050:80"
    user: root

CodePudding user response:

You have to specify user:root inside the PostgreAdmin Service. And the result of the docker compose file look like this :

PostgresDBAdmin:  
  image: dpage/pgadmin4
  user: root
  environment:
    PGADMIN_DEFAULT_EMAIL: [email protected]
    PGADMIN_DEFAULT_PASSWORD: MyPasword
    PGADMIN_CONFIG_SERVER_MODE: 'False'
  volumes:
    - ./pgadmin:/var/lib/pgadmin
  ports:
    - "5050:80"

Page link:https//www.codepudding.com/os/672794.html

Prev:docker: Error response from daemon: could not select device driver "" with capabilities: [
Next:TypeError: No loop matching the specified signature and casting was found for ufunc greater
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding