Comments (7)
This has been fixed upstream. brew upgrade lima
and ensure you are on lima version >= v0.6.4
from colima.
@kumikumi is the container running as a non-root user?
Or better still, do you mind sharing snippets from the docker-compose.yaml
file? You can redact any information you deem sensitive.
from colima.
@kumikumi is the container running as a non-root user?
When I enter the container with docker exec -it php /bin/bash
and type whoami
it prints out root
.
Or better still, do you mind sharing snippets from the
docker-compose.yaml
file? You can redact any information you deem sensitive.
If you have specific questions about the setup, I can share the relevant snippets with potential sensitive information redacted.
from colima.
@kumikumi
What I have discovered so far is that non-root user in the container is unable to access the mounted volume.
I suspect the server's subprocesses are running as non-root user.
Does the container has top
or ps
command and see if there are processes running as non-root user?
Thanks.
from colima.
You're right. The web server process is running as non-root and having trouble accessing the mounted volume.
ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 3836 3148 ? Ss 10:52 0:00 /bin/bash /var/www/html/fooapp/app/docker-scripts/php.entrypoint.sh
root 8 0.2 0.4 78344 25356 ? S 10:52 0:00 apache2 -DFOREGROUND
www-data 6133 0.0 0.1 78408 7544 ? S 10:53 0:00 apache2 -DFOREGROUND
www-data 6134 0.0 0.1 78408 7544 ? S 10:53 0:00 apache2 -DFOREGROUND
www-data 6135 0.0 0.1 78408 7544 ? S 10:53 0:00 apache2 -DFOREGROUND
www-data 6136 0.0 0.1 78408 7544 ? S 10:53 0:00 apache2 -DFOREGROUND
www-data 6137 0.0 0.1 78408 7544 ? S 10:53 0:00 apache2 -DFOREGROUND
root 6144 0.0 0.0 2364 576 ? S 10:53 0:00 tail -f /var/log/foo/foo.log
root 6145 1.5 0.0 4100 3260 pts/0 Ss 10:53 0:00 /bin/bash
root 6151 0.0 0.0 6700 2980 pts/0 R+ 10:53 0:00 ps aux
from colima.
Lima is planning to replace sshfs with samba and that may fix this lima-vm/lima#188. I would prefer to wait until after that before attempting any proper fixes.
As a workaround for now, since you're using docker-compose, you can have a custom Dockerfile
that changes www-data
's uid to match your macOS user's uid i.e. 501
. If you're not sure how to go about that, you can specify the docker image you're using and I can assist with the Dockerfile.
Thanks.
from colima.
Hmm, if I understand this issue it's not really fixed. ddev generates its own docker-compose.yaml and runs containers with uid:gid of the host-side user. So if I'm 501, the web container will run as UID 501 (and all the processes inside it also run as UID 501).
However, as of today with limactl 0.7.3 and colima 0.2.2 it's not possible to write to a mounted directory inside the container.
For example, mkdir. test
and place this docker-compose.yaml
:
services:
web:
image: busybox
user: "501:20"
command: tail -f /dev/null
volumes:
- $PWD:/var/www/html
And now start it and exec into it to create a file:
docker-compose up -d
docker exec ctest_web_1 touch /var/www/html/junk
touch: /var/www/html/junk: Read-only file system
from colima.
Related Issues (20)
- error setting up reachable IP address
- macOS 14 VM Type VZ / Virtiofs - SSH agent forward fails after colima stop / start (if container with agent was still running)
- Can't mount volumes with 9p securityModel: mapped-xattr HOT 4
- Vanished DB while updating from 0.5.6 to 0.6 version. HOT 8
- Can't connect to host.docker.internal on first start when defined in extra_hosts HOT 3
- now that cgroup v2 is default (with Colima v0.6.0+), is there a CLI option to use cgroup v1 instead? HOT 2
- Network and kubernetes instability in extended use sessions HOT 1
- Allow configuration of Swap
- colima x86_64 daemon.json file has incorrect proxy HOT 6
- docker+k3s: no Node available, probably due to `--docker is no longer supported` from k3s HOT 1
- Colima with containerd runtime not exposing docker.sock HOT 2
- brew services start doesn't start colima
- colima start error HOT 2
- Containers in emulated x86_64 VM become unreachable after a while (connection refused) HOT 5
- Creating aarch64 instance on intel macOS hangs on starting ... context=docker HOT 4
- colima start --kubernetes: kubernetes cluster unreachable
- Can't start Elasticsearch image HOT 5
- Colima freezes and I have to restart it HOT 4
- Lima v0.20.0 breaks Colima HOT 4
- Colima is failing to do port forwarding after upgrading to Ventura 13.6.4 HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from colima.