PostgreSQL: How to resolve “Permission denied” when bringing up service in Docker container — ep1

One of the challenges when bringing up PostgreSQL with bind-mounting volume is setting the appropriate user and group for the data and log directory

PostgreSQL: How to resolve “Permission denied” when bringing up service in Docker container — ep1

Intro

The “Permission denied” error when bringing up a Docker container with PostgreSQL using docker-compose typically indicates that the PostgreSQL container is having trouble accessing the data directory. This issue often arises due to incorrect file permissions or ownership on the host machine where the data directory is mounted.

By following these steps, you should be able to resolve the “Permission denied” error and successfully bring up the PostgreSQL container with Docker Compose.

Steps to Resolve the “Permission denied” Error

1. Check the Volume Mounting Path Permissions: Ensure that the directory on the host machine that you are mounting as a volume for PostgreSQL has the correct permissions. PostgreSQL needs read and write permissions to this directory.
2. Adjust Permissions and Ownership: Change the permissions and ownership of the directory to ensure that the Docker container can write to it.
3. Use a Docker Volume: Instead of using a bind mount, you can use a Docker-managed volume, which often resolves permission issues.

Example Docker Compose Configuration

Here’s a sample docker-compose.yml file that sets up PostgreSQL using a Docker volume:

version: '3.8'

services:
  db:
    image: postgres:latest
    container_name: postgres_db
    environment:
      POSTGRES_USER: myuser
      POSTGRES_PASSWORD: mypassword
      POSTGRES_DB: mydatabase
    volumes:
      - pgdata:/var/lib/postgresql/data

volumes:
  pgdata:
    driver: local

Example with a Bind Mount

If you need to use a bind mount, ensure the directory has the appropriate permissions. Here’s an example docker-compose.yml file with a bind mount:

version: '3.8'

services:
  db:
    image: postgres:latest
    container_name: postgres_db
    environment:
      POSTGRES_USER: myuser
      POSTGRES_PASSWORD: mypassword
      POSTGRES_DB: mydatabase
    volumes:
      - ./pgdata:/var/lib/postgresql/data

# Ensure the ./pgdata directory exists and has the right permissions

Adjust Permissions and Ownership on the Host

Ensure the host directory has the appropriate permissions:

1. Create the Directory

mkdir -p ./pgdata

2. Change Ownership: Change ownership to match the postgres user in the container (typically uid 999):

sudo chown -R 999:999 ./pgdata

3. Set Permissions: Ensure the directory is writable:

sudo chmod -R 700 ./pgdata

Bringing Up the Service

After ensuring the permissions are correct, bring up your Docker services:

docker-compose up -d

Troubleshooting Tips

• Check Logs: If you still encounter issues, check the logs of the PostgreSQL container for more details:

docker logs postgres_db

• SELinux/AppArmor: If you are running on a system with SELinux or AppArmor, ensure that the policies allow Docker to access the mounted directory.

NEXT

What if the UID=999 or GID=999 are in use?

PostgreSQL: How to resolve “Permission denied” when bringing up service in Docker container — ep2