Permissions with OSX in Docker

Posted on December 24, 2015

I’ve been flailing around with being able to do something that should be relatively trivial: mount a folder in a MySQL container in Docker. If nothing else, this is necessary for persisting a local database so that it doesn’t get deleted when you remove the container. As it turns out, this is harder than it seems.

As I’ve come to learn, the issue is inconsistencies in uids between OSX and Linux in both the MySQL container and docker-machine. (The official MySQL container uses Debian.) docker-machine’s docker user is uid 1000, whereas MySQL’s mysql is uid 999. So the solution is to set these to match. The easiest way is to build your own Dockerfile that extends the official one and sets a proper uid:

FROM mysql:5.6
 
RUN usermod -u 1000 mysql
 
RUN chmod -R 777 /var/lib/mysql
RUN chown -R mysql:mysql /var/lib/mysql
 
RUN mkdir -p /var/run/mysqld
RUN chmod -R 777 /var/run/mysqld
RUN chown -R mysql:mysql /var/run/mysqld

You should then be able to use that Dockerfile and mount a folder in /Users to /var/lib/mysql. In my case, I’m using it in docker-compose like this:

web:
  build: .
  ports:
    - "3000:3000"
  links:
    - db
db:
  build: ./docker/mysql
  ports:
    - "3306:3306"
  volumes:
    - /Users/me/mysql-data:/var/lib/mysql
  environment:
    MYSQL_ROOT_PASSWORD: mypw

There’s a caveat here, though. The MySQL container will be accessible to any container that you attach it to. If you want to access it outside of that – say, from the host container – then you need to open it up. To do this, edit /etc/mysql/my.cnf and add bind-address = 0.0.0.0 where the other bind-address is. I’ve seen solutions that change this with sed, but I prefer to keep the whole my.cnf file in my repo and just push the whole thing in. To that end, I add a COPY my.cnf /etc/mysql/my.cnf to the end of the MySQL Dockerfile.

And that’s basically it. It’s taken a number of days of wrangling to figure this out, but I think this solves it. Also big thanks to Armin Braun for setting me on the right path.

3 responses to “Permissions with OSX in Docker”

  1. Indy says:

    Hi. Just tried to follow this. The docker-compose up works ok. But the image does not start up. In the console, I just see “Database initialized’ and it creates a folder in my folder I specify in my Mac OS, but image does not spin up. Nothing happens, no error or anything else!

    And pointers?

  2. Deep says:

    Docker for OS X has fixed this for me. I could not get MySQL working in OS X due to folder permissions when using Docker Toolbox.

Leave a Reply

Your email address will not be published. Required fields are marked *