Score:1

Docker-compose mounted file system operation not permitted for volume


I am experiencing a problem with docker-compose: it's mounting a volume in a folder on a mounted hard drive. I have seen lots of solutions out there and honestly tried them all.

I changed the permissions to the user that I am using, to root, to docker, within their respective groups. Nothing.

Write operations work fine: I can write a file through Python and I am not restricted, but when I run docker-compose to make an SQL db it gives me this:

ERROR: for mysql_db Cannot start service mysql_db: error while creating mount source path '/db-path-mount': chown /db-path-mount/db-volume-folder/db-one: operation not permitted

ERROR: for mysql_db Cannot start service mysql_db: error while creating mount source path '/db-path-mount': chown /db-path-mount/db-volume-folder/db-one: operation not permitted
ERROR: Encountered errors while bringing up the project.

Troubleshooting information out there seems scarce. I tried docker-compose up -d and sudo docker-compose up -d; nothing really changes.

drwxr-xr-x 3 myUser docker 4028276 Jul 26 04:47 db-volume-folder/

and my mount point (/etc/fstab):

UUID=MY_UUID /home/user/my_mount_point    auto uid=1001,gid=122,umask=022,defaults 0 1

(gid=122 is docker)
(uid=1001 is user)

I am using Ubuntu 20 Server.

docker-compose.yml:

version: "3.7"
services:
  my_sql_db:
    container_name: my_sql_db
    user: root
    image: mysql/mysql-server:latest
    ports:
      - "1533:3306"
    env_file:
      - secrets/sqlserver.env
      - secrets/sqlpassword.env
    volumes:
      - ./db-path-mount/db-volume-folder/db-one:/var/lib/mysql
Artur Meinild
Would you mind sharing your `docker-compose.yml` (remember to redact any passwords etc). Also, is the mount point defined in your `/etc/fstab`?
Brain Bytes
Sure, I posted it, yes the mountpoint is in fstab
Score:0

There are a couple of things in your setup that I would do differently, and I'll try to outline this in my answer. I can't guarantee it will work, but it's how I have my containers set up, so hopefully it can help.

First, I wouldn't mount my data disk with uid and gid attributes. I would mount with default attributes, like this:

UUID=MY_UUID /home/user/my_mount_point    auto umask=022,defaults 0 1

(From this point on, I will use /home/user/my_mount_point as a reference from where your disk is mounted.)

Secondly, I don't understand your volume reference in the docker-compose.yml. I would have it like this:

    volumes:
      - /home/user/my_mount_point/db-volume-folder/db-one:/var/lib/mysql

Note that I would always use an absolute path in the docker-compose.yml.

Also, the ownership should match those of the container running, so the folder db-one should be owned by root.

myUser@ubuntu:~/my_mount_point/db-volume-folder$

drwxr-xr-x 3 root root 4028276 Jul 26 04:47 db-one

Note that the folder name db-one should match the last folder on the left side in the volume mount path - this is the folder where the permissions matter.

Finally, as you have noted, docker-compose also supports that you specify which user the container should run as. So I believe you could change the user, and then change the ownership accordingly.

So if you change the user like this:

version: "3.7"
services:
  my_sql_db:
    container_name: my_sql_db
    user: myUser

And then the folder permissions to match:

myUser@ubuntu:~/my_mount_point/db-volume-folder$

drwxr-xr-x 3 myUser myUser 4028276 Jul 26 04:47 db-one

I hope some of these instructions will work for you - please let us know if it does.

EDIT:

I just tested the MySQL container with the following docker-compose.yml:

version: "3.7"

services:

  my_sql_db:
    container_name: my_sql_db
    user: root
    image: mysql/mysql-server:latest
    ports:
      - "1533:3306"
    environment:
      MYSQL_ROOT_PASSWORD: topsecret
      MYSQL_USER: mysqluser
      MYSQL_PASSWORD: mysqlpassword
    volumes:
      - /mnt/zfs/docker-data/mysql-test/db-one:/var/lib/mysql
    restart: always

This is the contents of the folder /mnt/zfs/docker-data/mysql-test:

/mnt/zfs/docker-data/mysql-test$ ls -la
total 7
drwxr-xr-x  3 root root   4 Aug  1 22:02 .
drwxr-xr-x 22 root root  22 Aug  1 21:47 ..
drwxr-xr-x  6   27 sudo  30 Aug  1 21:59 db-one
-rw-r--r--  1 root root 374 Aug  1 21:58 docker-compose.yml

In this way, the container comes up successfully. It appears the container itself changes ownership to 27:sudo (I guess these are default values).

If I change the user in docker-compose.yml to myuser:myuser and also change permissions on the folder db-one to myuser:myuser, I get this error when trying to start the container:

ERROR: for my_sql_db  Cannot start service my_sql_db: unable to find user myuser: no matching entries in passwd file

So it seems the problem is between matching users, and not filesystem ownership. And if you get another error, it's probably something other than filesystem ownership - see my link in comments.
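
An added example, not part of the original answer and not Docker's own code: a preflight check for the situation in this thread, where the bind-mount source sits on a disk mounted with `uid=`/`gid=`/`umask=` options and the error shows a chown being refused while the mount source path is created. The function names and the `preflight.sh` file name are hypothetical, and reading those options as "ownership is fixed at mount time" is an assumption about the filesystem behind the `auto` type.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumption: uid=/gid=/umask= style
# options mean the filesystem takes file ownership from the mount options,
# so a chown by the Docker daemon on that disk is refused.

# pinned_opts "opt1,opt2,..." -> the options that fix owner or mode at mount time
pinned_opts() (
  printf '%s\n' "$1" | tr ',' '\n' |
    grep -E '^(uid|gid|umask|fmask|dmask)=' | paste -sd, -
)

# fstab_opts_for FSTAB MOUNTPOINT -> options field (4th) of the matching entry
fstab_opts_for() (
  awk -v mp="$2" '$1 !~ /^#/ && $2 == mp { print $4 }' "$1"
)

# existing_ancestor PATH -> deepest directory on PATH that already exists;
# everything below it is what the daemon would have to create.
existing_ancestor() (
  p=$1
  while [ ! -d "$p" ] && [ "$p" != "/" ]; do p=$(dirname "$p"); done
  printf '%s\n' "$p"
)

# report PATH -> findings for one bind-mount source, read from the live mount table
report() (
  base=$(existing_ancestor "$1")
  if [ "$base" != "$1" ]; then
    echo "MISSING: only $base exists; the daemon must create the rest"
  fi
  findmnt -n -o FSTYPE,OPTIONS --target "$base" | {
    read -r fstype opts
    pinned=$(pinned_opts "$opts")
    if [ -n "$pinned" ]; then
      echo "PINNED: $fstype mounted with $pinned; chown is likely to fail here"
    else
      echo "OK: $fstype has no owner-pinning mount options"
    fi
  }
)

# Constructed sample: the options field from the question's fstab entry.
SAMPLE_OPTS='uid=1001,gid=122,umask=022,defaults'
echo "sample -> $(pinned_opts "$SAMPLE_OPTS")"

# Run against a real path when one is given, e.g.:
#   sh preflight.sh /home/user/my_mount_point/db-volume-folder/db-one
if [ "$#" -gt 0 ]; then report "$1"; fi
```

A `MISSING` line together with a `PINNED` line matches the failure in the question: the source directory has to be created on a disk where ownership cannot be changed.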

Brain Bytes
Creating my_db ... error ERROR: for my_db Cannot start service my_db: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:385: applying cgroup configuration for process caused: no cgroup mount found in mountinfo: unknown ERROR: for my_db Cannot start service my_db: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:385: applying cgroup configuration for process caused: no cgroup mount found in mountinfo: unknown ERROR: Encountered errors while bringing up the project.
Brain Bytes
Did everything ^^ what I get
Artur Meinild
Could you edit your question with the new config files, and also be sure to have the correct volume paths - if not I can't help troubleshooting.
Artur Meinild
[This post on Stack Overflow](https://stackoverflow.com/questions/66004068/how-to-resolve-no-cgroup-mount-found-in-mountinfo-unknown-error) has suggestions to solve the new error you are getting - could you look into this? Thanks.
Artur Meinild
It seems maybe there is a problem with your docker installation, or systemd cgroup configuration.
Brain Bytes
Nope and nope, tried throughout what's in that thread and I am getting the same exact error. I reinstalled docker twice, before applying the first suggestion (your edit), and trying what's in the thread, same error (OCI error)
Artur Meinild
Strange. For reference, I've personally been using [MariaDB from Linuxserver.io](https://hub.docker.com/r/linuxserver/mariadb) without issue, if that's an option for you maybe give it a spin?