PostgreSQL: How to resolve “Permission denied” when bringing up service in Docker container — ep1
One of the challenges when bringing up PostgreSQL with bind-mounting volume is setting the appropriate user and group for the data and log directory
Intro
The “Permission denied” error when bringing up a Docker container with PostgreSQL using docker-compose
typically indicates that the PostgreSQL container is having trouble accessing the data directory. This issue often arises due to incorrect file permissions or ownership on the host machine where the data directory is mounted.
By following these steps, you should be able to resolve the “Permission denied” error and successfully bring up the PostgreSQL container with Docker Compose.
Steps to Resolve the “Permission denied” Error
- Check the Volume Mounting Path Permissions: Ensure that the directory on the host machine that you are mounting as a volume for PostgreSQL has the correct permissions. PostgreSQL needs read and write permissions to this directory.
- Adjust Permissions and Ownership: Change the permissions and ownership of the directory to ensure that the Docker container can write to it.
- Use a Docker Volume: Instead of using a bind mount, you can use a Docker-managed volume, which often resolves permission issues.
Example Docker Compose Configuration
Here’s a sample docker-compose.yml
file that sets up PostgreSQL using a Docker volume:
version: '3.8'
services:
db:
image: postgres:latest
container_name: postgres_db
environment:
POSTGRES_USER: myuser
POSTGRES_PASSWORD: mypassword
POSTGRES_DB: mydatabase
volumes:
- pgdata:/var/lib/postgresql/data
volumes:
pgdata:
driver: local
Example with a Bind Mount
If you need to use a bind mount, ensure the directory has the appropriate permissions. Here’s an example docker-compose.yml
file with a bind mount:
version: '3.8'
services:
db:
image: postgres:latest
container_name: postgres_db
environment:
POSTGRES_USER: myuser
POSTGRES_PASSWORD: mypassword
POSTGRES_DB: mydatabase
volumes:
- ./pgdata:/var/lib/postgresql/data
# Ensure the ./pgdata directory exists and has the right permissions
Adjust Permissions and Ownership on the Host
Ensure the host directory has the appropriate permissions:
1. Create the Directory
mkdir -p ./pgdata
2. Change Ownership: Change ownership to match the postgres
user in the container (typically uid 999
):
sudo chown -R 999:999 ./pgdata
3. Set Permissions: Ensure the directory is writable:
sudo chmod -R 700 ./pgdata
Bringing Up the Service
After ensuring the permissions are correct, bring up your Docker services:
docker-compose up -d
Troubleshooting Tips
- Check Logs: If you still encounter issues, check the logs of the PostgreSQL container for more details:
docker logs postgres_db
- SELinux/AppArmor: If you are running on a system with SELinux or AppArmor, ensure that the policies allow Docker to access the mounted directory.
NEXT
What if the UID=999 or GID=999 are in use?