0

I am playing around with docker and have seem to run into this permission issue. I started off with the boilerplate react app and am trying map changes to the source code (on my computer, ie host) onto my containers, so that I see the updates instantly. So I dont have to build my image and create containers again and again. If I do build everything from scratch again things works great with no permission issue.

Here's my dockerfile

FROM node:14.17.5-alpine3.14
RUN addgroup app && adduser -S -G app app 
# creating folders first to avoid permission issues
RUN mkdir /app
# directory to map a volume
RUN mkdir /app/data
# changing folder permissions
RUN chown -R app:app /app
# Set app as user AFTER setting permissions
USER app
WORKDIR /app
# Copy and install separtely to speed up builds
COPY --chown=app:app package*.json yarn.lock ./ 
RUN yarn install
# Copy (& also give owner rights to the current user probably unnecessary)
COPY --chown=app:app . .
# the env var is unnecessary, just for testing
ENV API_URL=http://api.myapp.com/
EXPOSE 3000
CMD ["yarn", "start"]

Then I build my image and create my container as below which works as expected. With user app being the owner and having right permissions. Everything is great when I access localhost:5002

# create container but I don't map host to container
docker run -d -p 5002:3000 --name not-mapped-container dockerized-react-app
# run interactive shell
sudo docker exec -it <container_id/name> sh
# from inside container's shell I list the files
# and everything is what I expect
/app $ ls -l
total 528
-rw-rw-r--    1 app      app            664 Aug 20 15:45 Dockerfile
-rw-r--r--    1 app      app           3362 Aug 19 19:14 README.md
drwxr-xr-x    1 app      app           4096 Aug 20 15:45 data
drwxr-xr-x    1 app      app           4096 Aug 20 17:27 node_modules
-rw-rw-r--    1 app      app            824 Aug 19 19:14 package.json
drwxrwxr-x    2 app      app           4096 Aug 19 19:14 public
drwxrwxr-x    2 app      app           4096 Aug 19 19:14 src
-rw-rw-r--    1 app      app         510089 Aug 19 19:14 yarn.lock

But now if I do pretty much the exact same thing, but try and map host to containers. Things are not as expected and the owner of the directory is the user node and not app (the set user according to my dockerfile). Now when I go to localhost:8080, I get the following permission issue EACCES: permission denied, mkdir '/app/node_modules/.cache'

# The only change, trying to map host with containers for instant updates
docker run -d -p 8080:3000 --name mapped-container -v $(pwd):/app  dockerized-react-app
# run interactive shell again
sudo docker exec -it <container_id/name> sh
# list the files again but now the owner is node
/app $ ls -l
total 556
-rw-rw-r--    1 node     node           664 Aug 20 15:45 Dockerfile
-rw-r--r--    1 node     node          3362 Aug 19 19:14 README.md
drwxrwxr-x 1047 node     node         36864 Aug 19 19:14 node_modules
-rw-rw-r--    1 node     node           824 Aug 19 19:14 package.json
drwxrwxr-x    2 node     node          4096 Aug 19 19:14 public
drwxrwxr-x    2 node     node          4096 Aug 19 19:14 src
-rw-rw-r--    1 node     node        510089 Aug 19 19:14 yarn.lock

So why does this happen? Am I not correctly mapping source code on host to the container or is it something else?

ssaquif
  • 150
  • 1
  • 11
  • In my opinion, you have a problem between the `app` user and the `node` user. Try to read [this](https://stackoverflow.com/questions/23544282/what-is-the-best-way-to-manage-permissions-for-docker-shared-volumes) and see if answer your question. – Max Aug 22 '21 at 11:13

0 Answers0