I built an image for running Apache with mod_php, for Magento extension development. Magento needs to write to the webroot: It keeps files in /srv/magento/var/
for cache, error reporting, and some other features. The webroot on this image is a docker volume, and Apache doesn't run as root, so it can't write to the filesystem, so Magento fails.
I can't actually chown or chmod the directory within the container reliably. I don't want to use a Docker Volume Container because devs should have direct access to files in the Magento webroot. I wouldn't particularly mind running Apache as root in the container, but apachectl
sure does seem to mind.
What's the appropriate way to give the Apache user in a Docker container write access to a volume?
Consider this example case:
$ cd $(mktemp -dt$(date +%s))
$ docker run -d -p 80:80 -v "$PWD:/srv/magento" kojiromike/magento_apache
$ cat > index.php <<PHP
<?php file_put_contents('foo', 'bar');
PHP
$ wget -SO/dev/null http://$(boot2docker ip 2>/dev/null)/index.php
--2014-12-15 13:33:59-- http://192.168.59.103/index.php
Connecting to 192.168.59.103:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Date: Mon, 15 Dec 2014 17:18:49 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.35-0+deb7u2
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
The file is already fully retrieved; nothing to do.
$ ls # Expecting 'foo' to exist
index.php
$ docker exec -ti $(docker ps -lq) tail -n 4 /var/log/apache2/error.log
[Mon Dec 15 17:18:49 2014] [error] [client 192.168.59.3] PHP Warning: file_put_contents(foo): failed to open stream: Permission denied in /srv/magento/index.php on line 1
[Mon Dec 15 17:18:49 2014] [error] [client 192.168.59.3] PHP Stack trace:
[Mon Dec 15 17:18:49 2014] [error] [client 192.168.59.3] PHP 1. {main}() /srv/magento/index.php:0
[Mon Dec 15 17:18:49 2014] [error] [client 192.168.59.3] PHP 2. file_put_contents() /srv/magento/index.php:1