Hi Marie, thanks for your observations!
The explanation for this behavior is, that the `basexhttp` Process inside the container runs as non-privileged user `basex` with an UID of 1984 & GID 0. Usually processes inside docker containers will run as root and as such will be able to read & write from all volumes you mount *inside* your container. Currently `basexhttp` does not do that. It mounts your directory from your host OS as a volume insider your container, yet the fie/folder it still belongs to its original user (in your case UID 1000) but from inside the running docker image, a USER with UID 1984 wants to write to it. This fails. Basically: > chown -R 1984 ~/Projects/Architextus/basex-xquery-server/data Should make your data directory writable to that process — and if it were group writable it is still writable by your host OS. As you write repo & webapp from the host os only, there is no need to change ownership on those folders. * Another approach I/we usually take is building my own docker image derived from basexhttp and ADD my project to the image. > FROM basex/basexhttp > ADD ./webapp /srv/basex/webapp > ADD ./repo /srv/basex/repo > ADD ./data /srv/basex/data Any thoughts on this by other docker users? Lot’s of containers run privileged, but I am not sure if we really want this. Let me know if you need any more help! Michael > Am 12.02.2019 um 14:42 schrieb Marie Starck <[email protected]>: > > Hello everyone, > > So I am looking to add Docker to a BaseX webapp that is currently running > properly on my local. In order to do that, I ran > docker run -ti -d > --publish 1984:1984 > --publish 8984:8984 > --volume ~/Projects/Architextus/basex-xquery-server/data:/srv/BaseXData > --volume ~/Projects/Architextus/basex-xquery-server/webapp:/srv/BaseXWeb > --volume ~/Projects/Architextus/basex-xquery-server/repo:/srv/BaseXRepo > basex/basexhttp:8.6.4 > > And while localhost:8984 shows me the regular BaseX introduction page, none > of the rest endpoints work and I get this error when I try to access the > webapp from my localhost: > > Stopped at /srv/BaseXWeb/xqm/g-holismo.xqm, 136/24: > [bxerr:BXDB0002] Resource "/srv/BaseXData/DITA-AppResources/tbl.basex > (Permission denied)" not found. > > Stack Trace: > - /srv/BaseXWeb/xqm/g-holismo.xqm, 11/10 > > I checked the permissions on my docker container and it seems that the basex > user only has permissions on WEB-INF but none of the volumes, BaseXData, > BaseXRepo and BaseXWeb, those are shown as belonging to user 1000. > > Has anyone experienced this before? > > Thank you for any help or tip you could provide, > > Marie >
