Nikhil-Gohil
commented
1 week ago I am seeing similar permission issues after I updated from docker desktop 4.34.1 --> 4.35.1
All of my preexisting containers fail to spin up because inside the container, there are no permissions to write to the default "/config" folder that I have bind mount.
Docker compose has this setup for a container:
volumes:
- "~/config/sonarr:/config"
- "/mnt/data:/data"When I spin up the container, I see errors like:
2024-11-12 12:27:15 [v4.0.10.2624] NzbDrone.Common.Exceptions.SonarrStartupException: Sonarr failed to start: AppFolder /config is not writable
Inside the container:
/ # whoami
root
/ # ls -ld /config
drwxrwxr-x 8 root root 4096 Nov 11 12:03 /config
/ # touch /config/write_test.txt
touch: cannot touch '/config/write_test.txt': Permission deniedFrom the host system:
UbuntuLTS-Server:~$ whoami
nikhil
UbuntuLTS-Server:~$ ls -ld ~/config/sonarr/
drwxrwxr-x 8 100999 100999 4096 Nov 11 12:03 /home/nikhil/config/sonarr/
UbuntuLTS-Server:~$ touch ~/config/sonarr/write_test.txt
touch: cannot touch '/home/nikhil/config/sonarr/write_test.txt': Permission denied
UbuntuLTS-Server:~$ sudo touch ~/config/sonarr/write_test.txt
UbuntuLTS-Server:~$ On the host system, the files show up as owned by uid 100999, and I can edit them after I become root. Inside the container, it shows the directory as owned by root, and even when I am the root user, I am unable to create/edit files in the directory.
I am unsure if this is a similar issue that you have flagged but thought I would post here first nonetheless. I attempted to --force-recreate, that did not help.
docker version
Client: Docker Engine - Community
Version: 27.3.1
API version: 1.47
Go version: go1.22.7
Git commit: ce12230
Built: Fri Sep 20 11:40:59 2024
OS/Arch: linux/amd64
Context: desktop-linux
Server: Docker Desktop 4.35.1 (173168)
Engine:
Version: 27.3.1
API version: 1.47 (minimum version 1.24)
Go version: go1.22.7
Git commit: 41ca978
Built: Fri Sep 20 11:41:11 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.21
GitCommit: 472731909fa34bd7bc9c087e4c27943f9835f111
runc:
Version: 1.1.13
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0docker info
Client: Docker Engine - Community
Version: 27.3.1
Context: desktop-linux
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.17.1-desktop.1
Path: /usr/lib/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.29.7-desktop.1
Path: /usr/lib/docker/cli-plugins/docker-compose
debug: Get a shell into any image or container (Docker Inc.)
Version: 0.0.37
Path: /usr/lib/docker/cli-plugins/docker-debug
desktop: Docker Desktop commands (Alpha) (Docker Inc.)
Version: v0.0.15
Path: /usr/lib/docker/cli-plugins/docker-desktop
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.2
Path: /usr/lib/docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.27
Path: /usr/lib/docker/cli-plugins/docker-extension
feedback: Provide feedback, right in your terminal! (Docker Inc.)
Version: v1.0.5
Path: /usr/lib/docker/cli-plugins/docker-feedback
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v1.3.0
Path: /usr/lib/docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /usr/lib/docker/cli-plugins/docker-sbom
scout: Docker Scout (Docker Inc.)
Version: v1.14.0
Path: /usr/lib/docker/cli-plugins/docker-scout
Server:
Containers: 20
Running: 18
Paused: 0
Stopped: 2
Images: 65
Server Version: 27.3.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 472731909fa34bd7bc9c087e4c27943f9835f111
runc version: v1.1.13-0-g58aa920
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 6.10.11-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 6
Total Memory: 1.846GiB
Name: docker-desktop
ID: 1e6a09e0-54e0-459b-bf3b-85bf422b99a9
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Labels:
com.docker.desktop.address=unix:///home/nikhil/.docker/desktop/docker-cli.sock
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: daemon is not using the default seccomp profileversion: "3.7"
services:
sonarr:
container_name: sonarr
image: ghcr.io/hotio/sonarr:nightly
ports:
- "8989:8989"
environment:
- PUID=1000
- PGID=1000
- UMASK=002
- TZ=America/Los_Angeles
restart: unless-stopped
volumes:
- "~/config/sonarr:/config"
- "/mnt/data:/data"
Description
After upgrading to the latest Docker version, I encountered multiple permission-related errors when attempting to change ownership on MySQL files within the /var/lib/mysql directory. These errors prevent the application from accessing essential MySQL data and include the following messages:
Reproduce
Expected behavior
No response
docker version
docker info
Diagnostics ID
6702D0A6-6A45-4CBD-9C89-5302B8B37473/20241109022826
Additional Info
version: "3.9" services: db: image: mysql:8.0.30 volumes: