dockerpermissionsdockerfilefile-permissionschown

Dockerfile "RUN chmod" not taking effect

Everything else takes effect but permissions are not changing, am I missing something? 

FROM joomla:3.9-php7.2-apache

RUN apt-get update \
&& apt-get install -y apt-utils vim curl

COPY ./joomla_html /var/www/html

RUN chmod -R 765 /var/www/html/

RUN chown -R www-data. /var/www/html/
RUN chmod -R 777 /var/www/html/tmp
RUN chmod -R 777 /tmp
RUN chmod -R 777 /var/www/html/modules
RUN chmod -R 777 /var/www/html/components
RUN chmod -R 777 /var/www/html/administrator/logs
RUN chmod -R 777 /var/www/html/images
RUN chmod -R 777 /var/www/html/uploads

COPY ./docker/php.ini /usr/local/etc/php/conf.d/php-extras.ini

EXPOSE 80

This is what I get, every file has permissions to 1000:1000, I need it to be to www-data

Output of ls -la /var/www/html is

total 144
drwxr-xr-x 19 1000 1000 4096 May 8 18:53 .
drwxr-xr-x 1 root root 4096 May 8 02:30 ..
drwxr-xr-x 25 1000 1000 4096 May 8 18:53 components
drwxr-xr-x 6 1000 1000 4096 May 8 18:53 images
drwxr-xr-x 68 1000 1000 4096 May 8 18:53 modules
drwxr-xr-x 2 1000 1000 4096 May 8 18:53 tmp
drwxr-xr-x 2 1000 1000 4096 May 8 18:53 uploads
Solution

  • The directory is defined as a volume upstream: https://github.com/joomla/docker-joomla/blob/d34ff24288dfb5b27a167f870f1fcca56077be78/php7.2/apache/Dockerfile#L64

    VOLUME /var/www/html

    Volumes cannot be modified with a RUN command. They start in a temporary container that has the volume, and only the changes to the container, not the volume are saved.

    You can try asking the upstream repo to change their image to remove the volume definition from the Dockerfile. Or you can pull their repo and build your own version of the base image without the volume. Neither of these will prevent you from running the container later with a volume in that directory.

    Otherwise, if you want to extend the image and make changes with RUN commands, you'll need to save your files in another directory. You could also have an entrypoint that copies those files to /var/www/html on container start.

    You could also consider a multi stage build, fixing the permissions in the first stage, and then copying the files directly into the volume in the release stage. As you've noticed, COPY still works with volumes. It isn't implement with a temporary container and therefore can place files directly in the image filesystem.