Search code examples
dockerdocker-composevolume

Some strange (or not) thing with mysql 'volume'

Just create database service with docker-compose.yaml:

# another db service for test

version: '3.5'

networks:
  dockernet:
    driver: bridge

services:
  db:
    image: mysql/mysql-server:5.5.62
    restart: on-failure
    environment:
      MYSQL_ROOT_PASSWORD: 123456
    volumes:
      - ./mysql_dir:/var/lib/mysql
    networks:
      - dockernet

Next, adding directory 'mysql' in my ~:

docker:~/docker$ ls -l
total 8
-rw-r--r--    1 futur    futur          674 Nov  5 04:35 docker-compose.yaml
drwxr-sr-x    2 futur    futur         4096 Nov  5 04:37 mysql_dir

I added my account to group 'docker':

docker:~/docker$ grep docker /etc/group
docker:x:101:futur

After up/down my docker-compose, i see strange changing permissions of my directory:

docker:~/docker$ ls -l
total 8
-rw-r--r--    1 futur    futur          298 Nov  5 05:10 docker-compose.yaml
drwxr-sr-x    5 27       video         4096 Nov  5 05:11 mysql_dir

Why it became '27' and 'video'? What is that? Is that normal?

Such behavior prevents copying and moving directory 'mysql_dir' for me (user 'futur').

Should i use docker only from root user? Is there any way to use docker with avoid using root user?

Solution

  • If you run docker exec <your_container> stat /var/lib/mysql on your host, to check permissions of /var/lib/mysql folder in the container, then you'll see that its uid is 27 (user mysql) and gid is 27 (group mysql) :

      File: '/var/lib/mysql'
  Size: 4096            Blocks: 8          IO Block: 4096   directory
...
Access: (0750/drwxr-x---)  Uid: (   27/   mysql)   Gid: (   27/   mysql)
...

    When you mount a volume between your host and a container, Docker changes permissions of the mounted directory on your host according to what's inside the container (here uid=27, gid=27).

    What you see from your host is then normal : 27 is because you don't have any user on your host with uid=27, and you see video group because this group have gid=27 on your host (you can validate that by running getent group video).

    You could change mysql uid and gid inside the container to match the ones on your host, but I strongly discourage you from doing that. Instead of mounting local directories, you would rather use volumes, if you want to make backup of your data for example.