3

I'm running a fresh installation of Laravel on Docker.

When I run the container and try to access the laravel app from the browser I get this error that Laravel throws on screen for the file permissions

UnexpectedValueException
The stream or file "/var/www/html/storage/logs/laravel-2019-02-24.log" could not be opened: failed to open stream: Permission denied

So, if I do while I'm in the running container sudo chown www-data:www-data -R /var/www/html/ and switch the ownership of the files to the www-data user the erros is gone and I can see the default page as expected. The problem is that I cannot write / edit any of the files of the app and make changes in the code base.

If I sudo chown -R lykos:lykos ./application // the folder that my laravel app lives in from my local terminal (i.e. not through the running container) I can edit the files, but the error for file permissions is showing again.

How can I fix this? Btw I'm on Linux, so I think this error is not occuring for windows or mac users. Also I want try to avoid the common chmod 777 solution as it is not recommended as a proper solution

Improve this question

1 Answer 1

Reset to default
4

All you need to do is changing the permission of the mounted directory from the host itself so for example if you have the following directory on the host /home/lykos/laravel/data and you need to mounted it inside a docker container follow the following:

  • Check the UID and GID inside the container which is used to make laravel running for example you may find both UID and GID with the following value 1000 then from the host run the following command chown 1000:1000 /home/lykos/laravel/data

Now the laravel application should be able to write inside whatever directory you use it as a destination for /home/lykos/laravel/data and make sure that you don't modify it without confirming that you have the correct permission e.g. don't create another directory inside it manually unless you do chown after creating it.

The above solution works for the user that will be used to write to that directory if there are other users you need to make sure to give them a proper permission maybe through linux acl instead of using world permission (777)

Let say you have a container as a webserver and you need to keep the application hosted inside the container while developing from your localhost. Assuming the localhost user that is used for development is lykos and the container user which is used by the webserver is 33 for UID and GID you can do the following from your localhost:

sudo chown 33:33 /home/lykos/laravel/data -R
sudo setfacl -Rm u:lykos:rwx,d:u:lykos:rwx /home/lykos/laravel/data

The above command will gives the webserver the ability to access and update the project files. and also gives your localhost the ability to modify the current files and newly created files (note that if you have create any file or directory using lykos user you need to make chown to match the webserver uid)

Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

If I do sudo chown lykos:lykos /home/lykos/my-laravel-app the ownership if I do ls -la is lykos lykos and I can edit the files. Then if I do docker-compose run --rm app bash and ls -la I have this 1000 1000 as you said. But when I try to access the app from the browser I get the file permission error. Am I doing something wrong here?
Maybe another user tries to access the files, Does the webserver use the same user that has uid equal to 1000 ?
How can I check this? if I switch to www-data:www-data in the container the error is not showing, but also can't edit the files
So it seems that www-data uid is not equal to 1000. run the following command from the container: id -u www-data what is the result ?
what about adding execute so you can list the files ? setfacl -Rm u:lykos:rwx /home/lykos/laravel/data
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.