mysql - docker 容器的用户权限会影响主机对 docker-compose.yml 中已安装卷的权限吗？

Question

我有如下docker-compose.yml，

version: '2'
services:
  mysql:
    image: centos/mysql-56-centos7:latest
    restart: always
    container_name: mysql
    environment:
       - MYSQL_ROOT_PASSWORD=111111
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/mysql:/var/lib/mysql/data
    ports:
      - 3306:3306

centos/mysql-56-centos7 是来自 Docker Hub 的镜像。我使用docker-compose up来启动容器，但总是失败，原因是:

Can't create test file /var/lib/mysql/data/cdef45a5817c.lower-test

完整信息:

    Creating network "mysql_default" with the default driver
    Creating mysql ... ^M
    ^[[1A^[[2K^MCreating mysql ... ^[[32mdone^[[0m^M^[[1BAttaching to mysql
    ^[[36mmysql    |^[[0m => sourcing 20-validate-variables.sh ...
    ^[[36mmysql    |^[[0m => sourcing 25-validate-replication-variables.sh ...
    ^[[36mmysql    |^[[0m => sourcing 30-base-config.sh ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Processing basic MySQL configuration files ...
    ^[[36mmysql    |^[[0m => sourcing 60-replication-config.sh ...
    ^[[36mmysql    |^[[0m => sourcing 70-s2i-config.sh ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Processing additional arbitrary  MySQL configuration provided by s2i ...
    ^[[36mmysql    |^[[0m => sourcing 40-paas.cnf ...
    ^[[36mmysql    |^[[0m => sourcing 50-my-tuning.cnf ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Initializing database ...
    ^[[36mmysql    |^[[0m ---> 16:39:17     Running mysql_install_db --rpm --datadir=/var/lib/mysql/data
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Note] Ignoring --secure-file-priv value as server is running with --bootstrap.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 0 [Note] /opt/rh/rh-mysql56/root/usr/libexec/mysqld (mysqld 5.6.38) starting as process 30 ...
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Warning] Can't create test file /var/lib/mysql/data/a5d11f4146dd.lower-test
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Warning] Can't create test file /var/lib/mysql/data/a5d11f4146dd.lower-test
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using atomics to ref count buffer pool pages
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: The InnoDB memory heap is disabled
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Memory barrier is not used
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Compressed tables use zlib 1.2.7
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using Linux native AIO
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Using CPU crc32 instructions
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Initializing buffer pool, size = 32.0M
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] InnoDB: Completed initialization of buffer pool
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 7f1048c42840  InnoDB: Operating system error number 13 in a file operation.
    ^[[36mmysql    |^[[0m InnoDB: The error means mysqld does not have the access rights to
    ^[[36mmysql    |^[[0m InnoDB: the directory.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 7f1048c42840  InnoDB: Operating system error number 13 in a file operation.
    ^[[36mmysql    |^[[0m InnoDB: The error means mysqld does not have the access rights to
    ^[[36mmysql    |^[[0m InnoDB: the directory.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] InnoDB: Creating or opening ./ibdata1 failed!
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] InnoDB: Could not open or create the system tablespace. If you tried to add new data files to the system tablespace, and it failed here, you should now edit innodb_data_file_path in my.cnf back to what it was, and remove the new ibdata files InnoDB created in this failed attempt. InnoDB only wrote those files full of zeros, but did not yet use them in any way. But be careful: do not remove old data files which contain your precious data!
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Plugin 'InnoDB' init function returned error.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Unknown/unsupported storage engine: InnoDB
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [ERROR] Aborting
    ^[[36mmysql    |^[[0m
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] Binlog end
    ^[[36mmysql    |^[[0m 2020-01-10 16:39:17 30 [Note] /opt/rh/rh-mysql56/root/usr/libexec/mysqld: Shutdown complete

如果我从docker-compose.yml中删除这行/data/mysql:/var/lib/mysql/data，容器就可以正常启动。

我在主机上以root权限运行docker-compose up，怎么会出现权限问题呢？我不知道在docker容器中以什么用户权限启动MySQL进程，但这如何影响主机的权限？

---

其他信息:

在主机上，似乎没有启用selinux

# getenforce
Disabled

我chmod了mysql文件夹，所以

# ls -l /data
total 0
drwxrwxrwx 2 root root 6 Jan  9 15:28 mysql

Answer 1

启动docker-compose up与主机上的哪个用户无关。当您将 /data/mysql 挂载到容器中时，容器内的挂载路径将具有与主机上相同的权限和所有权。容器内的进程无法写入此路径。