Where are the permissions of the '/tmp' folder inside a Docker container inherited from?

I have a PHP Docker container that failed to start, saying that 'session_start' doesn't have permissions on the /tmp/xxxx file.

I found that the '/tmp' folder's permission is 'drwxr-xr-t'. When I change it to 'drwxrwxrwt', the container works as normal.

I might have done something wrong to my host system while debugging another unrelated problem. But I don't remember what I did or what could be causing the problem above.

So I want to know where the permissions of the '/tmp' folder inside a Docker container are inherited from.

Thanks in advance. :)

Looking at the base image you use, the /tmp permissions are set correctly:

$ docker run -it --rm php:5-apache ls -ald /tmp
drwxrwxrwt 1 root root 4096 Jan 23 00:10 /tmp

This means the modification to the folder permission has happened on your side, either in the building of your image from some step in your Dockerfile, or in how you run your container. Without details of your Dockerfile or commands used to run your container (including a docker-compose.yml file if you use one), I don't believe it's possible to give a more detailed answer.

If the image is good, the next things to check are your bind and volume mounts, as they can mess things up. It's also worth checking any entry point scripts in case they are doing anything silly.
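An added example, not part of the original thread: a shell check to run inside the container that reports the mode of a scratch directory and whether it is itself a mount point, which separates the mount case from the image or entrypoint case. The function names and the script name check.sh are hypothetical; it assumes a Linux container with `stat -c` and /proc/self/mountinfo.

```shell
#!/bin/sh
# Added example (not from the thread): check a scratch directory inside a container.
# /tmp should be mode 1777 (drwxrwxrwt); the broken case in the question is 1755
# (drwxr-xr-t), where only root can create files, so a non-root PHP process fails.

# Succeeds if DIR is itself a mount point (bind mount, volume or tmpfs) in this
# mount namespace. Field 5 of /proc/self/mountinfo is the mount point.
is_mountpoint() {
    awk -v d="$1" '$5 == d { found = 1 } END { exit !found }' \
        /proc/self/mountinfo 2>/dev/null
}

# Prints one line describing DIR. Returns 0 when the mode is 1777, 1 when it is
# anything else, 2 when DIR cannot be inspected.
check_scratch_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 2; }
    mode=$(stat -c '%a' "$dir") || return 2
    owner=$(stat -c '%U' "$dir")
    if is_mountpoint "$dir"; then
        origin="mount (bind mount, volume or tmpfs)"
    else
        origin="image or container layer (Dockerfile step or entrypoint script)"
    fi
    if [ "$mode" = "1777" ]; then
        echo "$dir: mode $mode owner $owner: OK; comes from the $origin"
        return 0
    fi
    echo "$dir: mode $mode owner $owner: expected 1777; check the $origin"
    return 1
}

# Usage, with IMAGE as a placeholder for your own image:
#   docker run --rm -v "$PWD/check.sh:/check.sh:ro" --entrypoint sh IMAGE /check.sh /tmp
if [ "$#" -gt 0 ]; then
    check_scratch_dir "$1"
fi
```

Overriding the entrypoint as in the usage comment skips the image's entrypoint script, so a clean result there combined with a bad mode in the normally started container points at the entrypoint script or at the mounts used in the normal run.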

You should find the answer in the Dockerfile.

Either the base image already has those wrong perms, or the Dockerfile is doing something bad during image build.

In both cases, you can just fix this problem in the Dockerfile, and rebuild a new image.

@BMitch My image is ‘FROM php:5-apache’ which is then ‘FROM debian:stretch-slim’ which is then ‘FROM scratch’. None of them modifies the permissions of ‘/tmp’ explicitly.

Can you provide the image used and/or Dockerfile used to build your image? Also include the command you use to start the container, including any compose.yml file.