5 items to check if you get a “Permission denied” message when running Docker

Seito Horiguchi
2 min readFeb 16, 2024

--

When using Docker to docker compose up , docker compose build, makemigrations, migrate, etc., the error Permission denied may occur.
There may be multiple reasons for this error.

1. The directory or file may not be created in the Docker image in the first place.

The Dockerfile may not contain the code to generate the target directory or file. To generate a directory or file at build time, add the following command to the Dockerfile.

# Create a directory
RUN mkdir <Your Directory Name>

# Create a file
RUN touch <Your File Name>

2. The path may be wrong

The directory or file exists, but the path is wrong… This error also seems to occur when there is a directory or file but the path is wrong.
For example, the following is a piece of code that expects /usr/src/app to be the project directory, and a directory and file named test to be created directly under it in the container. If these do not match exactly, an error may occur.

ENV APP_HOME=/usr/src/app

RUN mkdir $APP_HOME/test
services:
app:
build: ./
working_dir: /usr/src/app/
volumes:
- .:/usr/src/app

3. You may not have the access permission

If a directory or file is created and the path is correct, but Permission denied is displayed, you may not have permission to access the directory or file. For example, access permissions can be defined in the Dockerfile as follows.

... omission ...

RUN addgroup -S myuser && \
adduser -S myuser -G myuser && \
chown -R myuser:myuser $APP_HOME
USER myuser

This command roughly describes the following operations one line at a time.

  1. Create a group named myuser
  2. Create a user named myuser , and add the myuseruser to the myuser group
  3. Grant the myuser group and the myuser user read/write permissions to the $APP_HOME directory.
  4. Perform a series of operations as the myuser user

While the above is an approach to manipulate directories and files by granting privileges to users, the following is an approach to directly manipulate directory and file access privileges.

RUN chmod u+w $APP_HOME/test

The commandchmod use the same syntax as the Linux commands that operate on the command line.

Cases where authorization cannot be granted

Unfortunately, there are cases where access rights cannot be granted even after performing these operations. When running Docker containers on virtual servers (e.g. Amazon EC2 instances), Docker operations and virtual server security settings are located on different layers.

If those virtual server settings (network access settings, security groups, firewall settings, etc.) affect the accessibility of Docker containers, they cannot be operated from Docker. In that case, you need to talk to the server administrator and ask for authorization.

4. It may not be necessary

Is writing to that directory/file necessary in the first place?” If it is unnecessary, you can eliminate the writing process to the directory/file.
If it is unnecessary, you can eliminate the writing process to the directory/file.

5. Others

The changed settings may not be reflected. For example, docker compose build can be run with the option docker compose build --no-cache to clear the cache.

--

--

Seito Horiguchi
Seito Horiguchi

Written by Seito Horiguchi

Hi, I'm a Web developer and Tech YouTuber ;) I mainly code JS, TS, and Python. https://www.linkedin.com/in/seito/

No responses yet