[英]Change file permissions in mounted folder inside docker container on Windows Host
Disclaimer/Edit 2 免责声明/编辑2
Some years later, for everyone reading this question - If you are on Windows and want to use docker with linux containers, I highly recommend not using docker for windows at all and instead starting the entire docker environment inside a VM altogether. 几年后,对于每个人都在阅读这个问题 - 如果你在Windows上并希望将docker与linux容器一起使用,我强烈建议不要使用docker for windows,而是在VM中完全启动整个docker环境。 This Ext3 NTFS issue will break your neck on so many different levels that installing docker-machine might not even be worth the effort.
这个Ext3 NTFS问题将在许多不同的层面打破你的脖子,安装docker-machine可能甚至不值得努力。
Edit: 编辑:
I am using docker-machine
which starts a boot2docker instance inside a Virtualbox VM with a shared folder on /c/Users from which you can mount volumes into your containers. 我正在使用docker
docker-machine
,它在Virtualbox VM中启动一个boot2docker实例,在/ c / Users上有一个共享文件夹,您可以从中将卷装入容器。 The permissions of said volumes are the ones the question is about. 所述卷的权限是问题所在的权限。 The VMs are stored under /c/Users/tom/.docker/
VM存储在/c/Users/tom/.docker/下
I chose to use the docker-machine
Virtualbox workflow over Hyper-V because I need VBox in my daily workflow and running Hyper-V and Virtualbox together on one system is not possible due to incompabilities between different Hypervisors. 我选择在Hyper-V上使用
docker-machine
Virtualbox工作流,因为我在日常工作流程中需要VBox,并且由于不同的Hypervisor之间不兼容,因此无法在一个系统上运行Hyper-V和Virtualbox。
Original question 原始问题
I am currently trying to set up PHPMyAdmin in a container on windows but I can't change the permissions of the config.inc.php
file. 我目前正在尝试在Windows上的容器中设置PHPMyAdmin,但我无法更改
config.inc.php
文件的权限。
I found: Cannot call chown inside Docker container (Docker for Windows) and thought this might be somewhat related but it appears to apply only to MongoDB. 我发现: 无法在Docker容器(Docker for Windows)中调用chown,并认为这可能有些相关,但它似乎只适用于MongoDB。
This is my docker-compose.yml 这是我的docker-compose.yml
version: "3"
services:
pma:
image: (secrect company registry)/phpmyadmin
ports:
- 9090:80
volumes:
- /c/Users/tom/projects/myproject/data/var/www/public/config.inc.php:/var/www/public/config.inc.php
now, when I docker exec -it [container] bash
and change in the mounted directory, I try to run chmod
on the config.inc.php
but for some reason, it fails silently . 现在,当我在
docker exec -it [container] bash
并更改挂载的目录时,我尝试在config.inc.php
上运行chmod
但由于某种原因,它无声地失败。
root@22a4bag43245: ls -la config.inc.php
-rw------- 1 root root 0 Aug 11 15:11 config.inc.php
root@22a4bag43245: chmod 655 config.inc.php
root@22a4bag43245: ls -la config.inc.php
-rw------- 1 root root 0 Aug 11 15:11 config.inc.php
Considering the linked answer, I thought I could just move the volume out of my Userhome but then vbox doesn't mount the folder at all. 考虑到链接的答案,我想我可以将音量从我的Userhome中移出,但是vbox根本没有安装该文件夹。
How do I change the file permissions of /var/www/public/config.inc.php
persistently? 如何持久更改
/var/www/public/config.inc.php
的文件权限?
I had the same problem of not being able to change ownership even after using chown
. 我有同样的问题,即使使用
chown
后也无法改变所有权。 And as I researched , it was because of NTFS volumes being mounted inside ext filesystem. 正如我研究的那样 ,这是因为NTFS卷被安装在ext文件系统中。 So I used another approach.
所以我用另一种方法。
The volumes internal to docker are free from these problems. docker内部的卷没有这些问题。 So you can mount your file on internal docker volume and then create a hard symlink to that file inside your local folder wherever you want:
因此,您可以将文件挂载到内部docker卷上,然后在本地文件夹中的任何位置创建一个硬符号链接:
sudo ln $(docker volume inspect --format '{{ .Mountpoint }}' <project_name>_<volume_name>) <absolute_path_of_destination>
This way you can have your files in desired place, inside docker and without any permission issues, and you will be able to modify the contents of file as in the normal volume mount due to hard symlink. 通过这种方式,您可以将文件放在所需的位置,在docker中,并且没有任何权限问题,并且您将能够像在正常的卷装配中那样修改文件的内容,因为硬符号链接。
Here is a working implementation of this process which mounts and links a directory. 以下是此过程的一个有效实现,它安装并链接目录。 In case you wanna know about the details, see
possible fix
section in issue . 如果您想了解详细信息,请参阅
possible fix
在部分问题 。
EDIT 编辑
Steps to implement this approach: 实施此方法的步骤:
named volumes
). named volumes
)。 Before making hardlink, make sure volumes and concerned file are present there. 在制作硬链接之前,请确保存在卷和相关文件。 To ensure this, you should have run your container at least once before or if you want to automate this file creation, you can include a docker run which creates the required files and exits.
要确保这一点,您应该至少运行一次容器,或者如果要自动创建此文件,可以包含一个docker运行,它可以创建所需的文件和退出。
docker run --rm -itd \\ -v "<Project_name>_<volume_name>:/absolute/path" \\ <image> bash -c "touch /absolute/path/<my_file>"
This docker run will create volumes and required files. 此docker run将创建卷和所需文件。 Here,
container
is my project name, by default, it is the name of the folder in which project is present and <volume_name>
is the same as one which we want to use in our original container. 这里,
container
是我的项目名称,默认情况下,它是项目所在文件夹的名称, <volume_name>
与我们想要在原始容器中使用的名称相同。 <image>
can be the same one which is already being used in your original containers. <image>
可以与原始容器中已使用的相同。
docker volume inspect --format '{{ .Mountpoint }}' <project_name>_<volume_name>/<my_file>
. docker volume inspect --format '{{ .Mountpoint }}' <project_name>_<volume_name>/<my_file>
找到文件位置。 Linux users can use ln
in terminal and windows users can use mklink
in command prompt. ln
,windows用户可以在命令提示符下使用mklink
。 In step 3 we have not used /absolute/path
since the <volume_name>
refers to that location already, and we just need to refer to the file. 在步骤3中,我们没有使用
/absolute/path
因为<volume_name>
已经指向该位置,我们只需要引用该文件。
Try one of the following: 请尝试以下方法之一:
If you can rebuild the image image: image: (secrect company registry)/docker-stretchimal-apache2-php7-pma
then inside the docker file, add the following 如果你可以重建图像:
image: (secrect company registry)/docker-stretchimal-apache2-php7-pma
然后在image: (secrect company registry)/docker-stretchimal-apache2-php7-pma
文件里面添加以下内容
USER root RUN chmod 655 config.inc.php
Then you can rebuild the image and push it to the registry, and what you were doing should work. 然后,您可以重建映像并将其推送到注册表,您正在做的事情应该工作。 This should be your preferred solution, as you don't want to be manually changing the permissions everytime you start a new container
这应该是您首选的解决方案,因为您不希望每次启动新容器时都手动更改权限
Try to exec using the user root explicitly 尝试显式使用root用户
docker exec -it -u root [container] bash
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.