because of this, the permissions of the data directory always end up as not my user. My UID and GID are 1001:1001, however without any user flag, the folder will get reset to root permissions. And if I so set the user permissions the Dockerfile still appears to go ahead and create a new user/group for the mysql user which is in an incorrect UID:GUI pair compared to my parameter passed. I think the fix here may be to pass UID and GID to groupadd and useradd in the dockerfiles so that they are given the correct ID.
mariadb:
image: mariadb
user: "${UID}:${GID}"
environment:
MYSQL_ROOT_PASSWORD: testpassword
MYSQL_DATABASE: app
MYSQL_USER: user
MYSQL_PASSWORD: testpassword
volumes:
- ./mysql:/var/lib/mysql
Starting containers with this script:
#!/usr/bin/env bash
UID=$(id -u) GID=$(id -g) docker-compose up -d
Relevant lines in Dockerfile of this repo:
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql
Solved for me by switching over to: https://hub.docker.com/r/linuxserver/mariadb since they support the custom UID/GID with environment variables in docker-compose.
Would still be nice if this functionality could be brought upstream.
If you're passing --user successfully, it's not possible for our image to override it. (Which is part of why we prefer it to an environment variable-based solution; the security benefits are stronger.)
Perhaps you can provide the output of UID=... GID=... docker-compose config?
Mounting /etc/passwd will give you a username in the container (not necessarily necessary). Also ensure the folder your mounting for data has sufficient permissions
mariadb:
image: mariadb
user: 1000:1000
environment:
MYSQL_ROOT_PASSWORD: testpassword
MYSQL_DATABASE: app
MYSQL_USER: user
MYSQL_PASSWORD: testpassword
volumes:
- /etc/passwd:/etc/passwd:ro
- ./mysql:/var/lib/mysql$ id -u && id -g && cat .env
UID=1000
GID=1001
$ ls -al
total 20
drwxrwxr-x 3 rei rei 4096 Apr 12 14:29 ./
drwxrwxr-x 89 rei rei 4096 Apr 12 13:58 ../
-rw-rw-r-- 1 rei rei 250 Apr 12 14:19 docker-compose.yml
-rw-rw-r-- 1 rei rei 18 Apr 12 14:23 .env
drwxrwxr-x 2 rei rei 4096 Apr 12 14:28 mysql/
$ docker-compose up -d
Creating mariadb-236_mariadb_1_5441420f47f5 ... done
$ docker exec -it mariadb-236_mariadb_1_97778f9f96d7 bash
groups: cannot find name for group ID 1001
rei@297de43b993c:/$ id -u && id -g
rei@297de43b993c:/$ ls -al /var/lib/mysql/
total 122956
drwxrwxr-x 5 rei 1001 4096 Apr 12 21:30 .
drwxr-xr-x 19 root root 4096 Feb 22 00:31 ..
drwx------ 2 rei 1001 4096 Apr 12 21:30 app
-rw-rw---- 1 rei 1001 16384 Apr 12 21:30 aria_log.00000001
-rw-rw---- 1 rei 1001 52 Apr 12 21:30 aria_log_control
-rw-rw---- 1 rei 1001 976 Apr 12 21:30 ib_buffer_pool
-rw-rw---- 1 rei 1001 50331648 Apr 12 21:30 ib_logfile0
-rw-rw---- 1 rei 1001 50331648 Apr 12 21:30 ib_logfile1
-rw-rw---- 1 rei 1001 12582912 Apr 12 21:30 ibdata1
-rw-rw---- 1 rei 1001 12582912 Apr 12 21:30 ibtmp1
-rw-rw---- 1 rei 1001 0 Apr 12 21:30 multi-master.info
drwx------ 2 rei 1001 4096 Apr 12 21:30 mysql
drwx------ 2 rei 1001 4096 Apr 12 21:30 performance_schema
-rw-rw---- 1 rei 1001 24576 Apr 12 21:30 tc.log
rei@297de43b993c:/$ mysql -uuser -ptestpassword
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.13-MariaDB-1:10.3.13+maria~bionic mariadb.org binary distribution
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
Closing since this seems resolved and there isn't an issue with the image
