【Question title】: Can user privilege of docker container impact permission of host machine on mounted volume in docker-compose.yml?
【Posted】: 2020-04-27 20:46:22
【Question description】:

I have the following docker-compose.yml:

    version: '2'
    services:
      mysql:
        image: centos/mysql-56-centos7:latest
        restart: always
        container_name: mysql
        environment:
          - MYSQL_ROOT_PASSWORD=111111
        volumes:
          - /etc/localtime:/etc/localtime
          - /data/mysql:/var/lib/mysql/data
        ports:
          - 3306:3306

centos/mysql-56-centos7 is an image from Docker Hub. I start the container with docker-compose up, but it always fails, and the reason is:

Can't create test file /var/lib/mysql/data/cdef45a5817c.lower-test

Full output:

    Creating network "mysql_default" with the default driver
    Creating mysql ... ^M
    ^[[1A^[[2K^MCreating mysql ... ^[[32mdone^[[0m^M^[[1BAttaching to mysql
    ^[[36mmysql    |^[[0m => sourcing 20-validate-variables.sh ...
    ^[[36mmysql    |^[[0m => sourcing 25-validate-replication-variables.sh ...
    ^[[36mmysql    |^[[0m => sourcing 30-base-config.sh ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Processing basic MySQL configuration files ...
    ^[[36mmysql    |^[[0m => sourcing 60-replication-config.sh ...
    ^[[36mmysql    |^[[0m => sourcing 70-s2i-config.sh ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Processing additional arbitrary  MySQL configuration provided by s2i ...
    ^[[36mmysql    |^[[0m => sourcing 40-paas.cnf ...
    ^[[36mmysql    |^[[0m => sourcing 50-my-tuning.cnf ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Initializing database ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Running mysql_install_db --rpm --datadir=/var/lib/mysql/data
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Note] Ignoring --secure-file-priv value as server is running with --bootstrap.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Note] /opt/rh/rh-mysql56/root/usr/libexec/mysqld (mysqld 5.6.38) starting as process 30 ...
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Warning] Can't create test file /var/lib/mysql/data/a5d11f4146dd.lower-test
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Warning] Can't create test file /var/lib/mysql/data/a5d11f4146dd.lower-test
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using atomics to ref count buffer pool pages
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: The InnoDB memory heap is disabled
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Memory barrier is not used
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Compressed tables use zlib 1.2.7
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using Linux native AIO
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using CPU crc32 instructions
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Initializing buffer pool, size = 32.0M
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Completed initialization of buffer pool
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 7f1048c42840  InnoDB: Operating system error number 13 in a file operation.
    ^[[36mmysql    |^[[0m InnoDB: The error means mysqld does not have the access rights to
    ^[[36mmysql    |^[[0m InnoDB: the directory.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 7f1048c42840  InnoDB: Operating system error number 13 in a file operation.
    ^[[36mmysql    |^[[0m InnoDB: The error means mysqld does not have the access rights to
    ^[[36mmysql    |^[[0m InnoDB: the directory.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] InnoDB: Creating or opening ./ibdata1 failed!
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] InnoDB: Could not open or create the system tablespace. If you tried to add new data files to the system tablespace, and it failed here, you should now edit innodb_data_file_path in my.cnf back to what it was, and remove the new ibdata files InnoDB created in this failed attempt. InnoDB only wrote those files full of zeros, but did not yet use them in any way. But be careful: do not remove old data files which contain your precious data!
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Plugin 'InnoDB' init function returned error.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Unknown/unsupported storage engine: InnoDB
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Aborting
    ^[[36mmysql    |^[[0m
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] Binlog end
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] /opt/rh/rh-mysql56/root/usr/libexec/mysqld: Shutdown complete

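If I remove the line /data/mysql:/var/lib/mysql/data from docker-compose.yml, the container starts normally.

I run docker-compose up with root privileges on the host, so how can there be a permission problem? I don't know which user the MySQL process runs as inside the docker container, but how would that affect permissions on the host?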


Additional information:

On the host, it seems SELinux is not enabled:

    # getenforce
    Disabled

I chmod'ed the mysql folder, so

    # ls -l /data
    total 0
    drwxrwxrwx 2 root root 6 Jan  9 15:28 mysql

【Question comments】:

Tags: mysql linux docker docker-compose centos


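【Solution 1】:

It does not matter which user on the host you start docker-compose up as. When you mount /data/mysql into the container, the mount path inside the container has the same permissions and ownership as on the host. The process inside the container cannot write to this path.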

【Comments】:

  • I have already done chmod 777, so `ls -l /data` --> drwxrwxrwx 2 root root 6 Jan 9 15:28 mysql
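
Added example (not part of the original question, answer or comment): since a bind mount keeps the host's ownership and mode, and container UIDs are host UIDs unless user-namespace remapping is enabled, this sketch predicts from the mode bits alone whether a given numeric UID/GID can create files in the host directory. The function names are hypothetical; it assumes GNU stat and ignores ACLs, SELinux/AppArmor and supplementary groups.

```shell
#!/bin/sh
# Added example: classic DAC check for a bind-mounted host directory.
# Assumptions: GNU stat (Linux), no user-namespace remapping, no ACLs,
# no SELinux/AppArmor denial, supplementary groups ignored.

# can_write_dir UID GID DIR -> exit status 0 if file creation should succeed
can_write_dir() {
    uid=$1 gid=$2 dir=$3
    [ -d "$dir" ] || return 2

    # UID 0 in a default container still holds CAP_DAC_OVERRIDE.
    [ "$uid" -eq 0 ] && return 0

    owner=$(stat -c '%u' "$dir")
    group=$(stat -c '%g' "$dir")
    mode=$((0$(stat -c '%a' "$dir")))   # leading 0 => parsed as octal

    # The kernel evaluates exactly one class: owner, else group, else other.
    if [ "$uid" -eq "$owner" ]; then
        bits=$(( (mode >> 6) & 7 ))
    elif [ "$gid" -eq "$group" ]; then
        bits=$(( (mode >> 3) & 7 ))
    else
        bits=$(( mode & 7 ))
    fi

    # Creating a file needs both write (2) and search (1) on the directory.
    [ $(( bits & 3 )) -eq 3 ]
}

# explain_mount UID GID DIR -> one-line verdict for the operator
explain_mount() {
    if can_write_dir "$1" "$2" "$3"; then
        echo "uid=$1 gid=$2 can write to $3"
    else
        echo "uid=$1 gid=$2 CANNOT write to $3 ($(stat -c '%u:%g %A' "$3"))"
    fi
}

# Typical use on the host, with the UID/GID the image runs as, which can be
# read with: docker run --rm --entrypoint id <image>
#   explain_mount <uid> <gid> /data/mysql
```

If this check passes but the container still gets error 13, the denial comes from something the mode bits do not show, such as a parent directory without search permission, an ACL, a security module, or a different path actually being mounted.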