PHP mkdir(): Permission denied in docker volume

Question

I'm a bit lost with owner and rights inside a docker container, and I need help regarding the creation of a folder.

I'm mounting in a container a local directory images. When I launch a bash inside my container, here is the rules of my folder:

drwxrwxr-x 2 1000 1000 4096 Apr 24 21:43 images

My php code tries to create a folder:

$prodid = mysqli_insert_id($conn);
$targetDir = "../../theme/modules/products/images/".$prodid."/";
$oldumask = umask(0);
mkdir($targetDir, 0755);

But I receive this error:

Warning
: mkdir(): Permission denied in
/var/www/html/modules/product/product_new.php

I suppose the owner of this folder should be www-data:www-data (and not even sure about that), so I tried to add in my dockerfile:

FROM php:7.3-apache
...
RUN chown www-data:www-data /var/www/html/theme/modules/products/images

and my docker-compose:

version: "2"
services:
    www:
        build: .
        ports: 
            - "80:80"
        volumes:
            - ./www/.htaccess:/var/www/html/.htaccess
            - ./www/lib:/var/www/html/lib
            - ./www/modules:/var/www/html/modules
            - ./www/theme:/var/www/html/theme
            - ./www/index.php:/var/www/html/index.php
            - product-images:/var/www/html/theme/modules/products/images
        links:
            - db
        networks:
            - default
    db:
        image: mariadb:10.2
        volumes:
            - ./dump:/docker-entrypoint-initdb.d
            - mariadb-data:/var/lib/mysql
        networks:
            - default
    phpmyadmin:
        image: phpmyadmin/phpmyadmin
        links: 
            - db:db
        ports:
            - 8001:80
volumes:
    mariadb-data:
    product-images:

Rules are set, error is gone, but the folder is not created. i don't know what should be the ower/group or rights for this folder to allow php to create a folder.

When I docker-inspect the volume:

docker inspect arcadust_product-images
[
    {
        "CreatedAt": "2019-07-30T15:45:31+02:00",
        "Driver": "local",
        "Labels": null,
        "Mountpoint": "/var/lib/docker/volumes/arcadust_product-images/_data",
        "Name": "arcadust_product-images",
        "Options": {},
        "Scope": "local"
    }
]

What am I doing wrong?

what user is running the PHP process? is it www-data as well? — gCoh, Jul 30 '19 at 13:34
I really don't know, and that's why i'm a bit lost. How can I know? — Artik, Jul 30 '19 at 13:41
I edited the title and added the dockerfile. It's a volume `product-images`. — Artik, Jul 30 '19 at 13:57
`docker run -it php:7.3-apache bash -c "whoami"` this will give you docker user, if its root it's mean something wrong with mount directories not within the docker user — Adiii, Jul 30 '19 at 14:03
Yes, it gives me `root`. So how to mount this volume with the correct user? — Artik, Jul 30 '19 at 14:06

score 1 · Answer 1 · answered Nov 19 '19 at 00:21

These are my guesses rather than a working solution but hope some of them will work for you:

Use absolute paths for the host mount point. I had some issues after upgrading docker with host names, IPs, and if I'm not wrong with paths as well. So I would not be surprised if all what you needed would be just to use absolute pahts.

You may try also:

./product-images: ...

instead of

product-images: ...

and check also this approach

here you can read about adding user and adding it to the group. It is not about php but the same rules apply.

For narrowing the source of the problem you may try to create dir by logging to the shell

docker run -it --rm <yourimage>:<version> /bin/sh

and try to create a dir:

cd /var/www/html/theme/modules/products/images
mkdir created
ls -la

and see if the dir is created

if you can get into cli by docker run as above use this:

docker run -it --rm --entrypoint="" <yourimage>:<version> /bin/sh

PHP mkdir(): Permission denied in docker volume

1 Answers1