Closed alexeyp0708 closed 2 weeks ago
If the mounted directories (volumes) already have the correct owner/permissions for the user that you want to run mysql
as, then just run the container with that user id (and group id) and it will just work. The image is designed to run in this way.
docker run --user 1000:1000 -e ... mysql:8.4
The chown
and user swap are only done when running as root
(and indeed can only be done as root).
https://github.com/docker-library/mysql/blob/c857c9c091e6194c9fb9c91e83d343b186e103cd/8.4/docker-entrypoint.sh#L208-L210
https://github.com/docker-library/mysql/blob/c857c9c091e6194c9fb9c91e83d343b186e103cd/8.4/docker-entrypoint.sh#L375-L377
@yosifkit volume is a universal storage to which several containers can connect, and therefore he should not depend on the settings of a specific container. Overriding the rights of a volume and its contents will disrupt the volume's interaction with other containers. If the volume and its contents are assigned to the same user and the containers communicate via the user ID(have access), the integrity of the interaction is maintained. If MYSQL supports the ability to interact with data through another user, then this possibility should be implemented in the Docker container. ~But you may not change anything and think that this is how it should be. At least my solution works for me.~
Example: An nginx container and a php container can be configured in a way where data in a volume can be jointly managed through the user www-data(id82). ~Mysql container requires a special case, since they decided to hardcode 'mysql' user into the entry points. This is at least unprofessional.~
@yosifkit
docker run --user 1000:1000 -e ... mysql:8.4
I'm sorry. I didn’t immediately see the solution and didn’t understand that the mysql user is assigned only if the container is started as a root user.
I encountered a problem where I need to change the user for mysqld as described here.
In the script "docker-entrypoint.sh" the user "mysql" is hardcoded. Before starting mysqld, the root user is changed to the user "mysql" through the "gosu" component ( docker-entrypoint.sh#L377 ) . All initialized directories and files have the owner "mysql" ( docker-entrypoint.sh#L210 ) . This behavior does not allow working with volumes and directories for which a different user ID is assigned.
To fix this, you need to dynamically assign a user to the mysqld process. I propose to make the following changes to "docker-entrypoint.sh" :
Set process user
change code https://github.com/docker-library/mysql/blob/c857c9c091e6194c9fb9c91e83d343b186e103cd/8.4/docker-entrypoint.sh#L210 to
change code https://github.com/docker-library/mysql/blob/c857c9c091e6194c9fb9c91e83d343b186e103cd/8.4/docker-entrypoint.sh#L376-L377 to