Fixing World-writable MySql error in Docker
I just encountered this issue and the fix for me is just to set my.cnf file to read-only in Windows.
This works for me
mysql:
networks:
- main
image: library/mysql:5.7
container_name: 'mysql'
command: >
bash -c "
chmod 644 /etc/mysql/conf.d/*.cnf
&& /entrypoint.sh mysqld
"
ports:
- "3308:3308"
volumes:
- ./my_local_dir/var/lib/mysql:/var/lib/mysql
- ./my_local_dir/etc/mysql/conf.d/:/etc/mysql/conf.d/
restart: always
environment:
MYSQL_ROOT_PASSWORD: 'root'
MYSQL_DATABASE: 'some'
It seems solution for having files with not full permissions when using Windows host is sharing files with "intermediate directory" and then copy those files into desired directory in Docker container.
In above case (MySQL container) it could be done like this (you can use this method also in other cases)
Dockerfile:
# Base image
FROM mysql:5.7
# Copy starting scripts file
COPY start.sh /root/start.sh
# Run necessary services
CMD ["/bin/bash", "/root/start.sh"]
docker-compose.yml (showed only db container)
db:
build: ../builds/mysql-5.7
environment:
- MYSQL_ROOT_PASSWORD=pass
- MYSQL_DATABASE=
- MYSQL_USER=
- MYSQL_PASSWORD=
expose:
- 3306
volumes:
- /c/Users/marcin/dock-test/composers/l1.app/mysql/data/:/var/lib/mysql/
- /c/Users/marcin/dock-test/composers/l1.app/mysql/conf.d/:/etc/mysql/conf.d/source
- /c/Users/marcin/dock-test/composers/l1.app/mysql/log/:/var/log/mysql/
Plese notice that above we mount conf.d directory to /etc/mysql/conf.d/source directory and not to /etc/mysql/conf.d/ directory (so MySql won't load this file for now).
start.sh
#!/bin/sh
cp /etc/mysql/conf.d/source/* /etc/mysql/conf.d/
/entrypoint.sh mysqld
Above we copy now all files from conf.d/source directly into conf.d - those files are not shared with Windows host so they will be created with Linux permissions (in my case leaving defaults - without using chmod is fine).
To verify whether custom mysql configuration values are loaded now I run:
mysql -u root -p
and type my password.
When I type SHOW VARIABLES; I will see some settings from my.cnf that previously (without putting this file had different values), so it's working as expected.
Of course drawback of this solution is that those files won't be really shared so in case those files would be changed in Docker machine, they won't be updated in Windows host, but in above case when we want to use custom config files it doesn't make any difference and solve the issue.
I have an alternative answer for those that just need to set a few configuration options.
In the docker compose file you can do something like this.
db:
image: mysql
command: >
bash -c "mysqld --user=root --group_concat_max_len=1844674407370954752"
environment:
- MYSQL_ROOT_PASSWORD=pass
- MYSQL_DATABASE=
- MYSQL_USER=
- MYSQL_PASSWORD=
expose:
- 3306
Notice I run mysqld and then set the options --group_concat_max_len as an example. If you need more options just add more -- within the "" with the name of the option. This is an elegant solution that does not require making a new image from the default mysql one.
What command does in a docker compose file is overwrites the default CMD command in the image. The images default command simply runs mysqld (you can look it up on their github page), so I simply just run it as well but give it some parameters to pass in. Refer to the very last line of this file to see the CMD command. (refer to this: https://github.com/docker-library/mysql/blob/master/5.5/Dockerfile)
Using this method you do not even need to worry about voluming in a mysql configuration file, which for me was a big issue since it had to be 777 to work when doing docker-compose up but would then proceed to fail due to the world writable problem.