skip to Main Content

I currently have a nice docker setup for my laravel project

enter image description here

When I need to execute a php artisan command, I attache the php-fpm container to my terminal. It all works fine. except when the artisan command creates new files.

enter image description here

The files are created as root. To solve that i need to "chown -R 1000:1000 /application"

It’s very annoying to do that everytime and was wandering if there’s a way in Ubuntu or in my docker setup so that artisan creates the files as 1000 by himself and I don’t need to worry about that anymore.

2

Answers


  1. What you need to do is create a user and tell Docker to use that user for all subsequent actions, e.g.

    # Dockerfile
    ...
    
    WORKDIR /var/www
    
    ...
    
    # create a new linux user group called 'developer' with an arbitrary group id of '1001'
    RUN groupadd -g 1001 developer
    
    # create a new user called developer and add it to this group
    RUN useradd -u 1001 -g developer developer
    
    # change the owner and group of the current working directory to developer
    COPY --chown=developer:developer . /var/www
    
    # run all subsequent processes as this user
    USER developer
    
    ...
    
    EXPOSE 9000
    
    CMD ["php-fpm"]
    

    Creating a group isn’t strictly necessary but can be useful if you need to assign multiple services or users the same privileges across a single cluster or server.

    If you don’t assign a non-root user to your Docker containers for something like local development then it’s not the end of the world but you’ll encounter the problems you are having. However, in production it can be a serious security concern because it can enable a attacker to gain root privileges to the rest of your system.

    Dockerfile reference: https://docs.docker.com/engine/reference/builder/#user

    Login or Signup to reply.
  2. For anyone who had same issue with laravel and sail/docker.

    On installing sail for laravel application development, by default docker will only run with root user. So if you run docker/sail with sudo, the files created using php artisan will all belong to root so it will require you to set/add permission for all new files created.

    To solve this issue for local development you can change the permission for the docker.sock like this:

    sudo chmod 666 /var/run/docker.sock
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search