Description
docker compose raises a permission denied error, if there is a folder in the watch path with insufficient permissions even if it is in the ignore list.
Steps To Reproduce
minimal docker-compose.yml:
services:
app:
image: alpine:latest
command: ["sleep", "infinity"]
volumes:
- ./root-owned-dir:/data
develop:
watch:
- action: sync
path: ./
target: /tmp
ignore:
- ./root-owned-dir/
Created root owned folder:
$ sudo mkdir -p root-owned-dir
$ sudo chmod 700 root-owned-dir
This works as expected:
But watch prints a permission denied error:
$ docker compose up --watch
[+] up 2/2
✔ Network watch-repro_default Created 0.0s
✔ Container watch-repro-app-1 Created 0.0s
notify.Add("/home/<SNIP>/watch-repro"): watcher.Add("/home/<SNIP>/watch-repro/root-owned-dir"): permission denied
root-owned-dir is in the ignore list, so I expect that it does not care about its permissions.
Compose Version
Docker Compose version v5.1.3
Docker Environment
Client: Docker Engine - Community
Version: 29.4.0
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.33.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v5.1.3
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 21
Server Version: 29.4.0
Storage Driver: overlayfs
driver-type: io.containerd.snapshotter.v1
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
CDI spec directories:
/etc/cdi
/var/run/cdi
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 77c84241c7cbdd9b4eca2591793e3d4f4317c590
runc version: v1.3.5-0-g488fc13e
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.1.0-44-amd64
Operating System: Neptune 8.2
OSType: linux
Architecture: x86_64
CPUs: 12
Total Memory: 46.35GiB
Name: longy0201
ID: 2b992073-edb2-48f1-b2c1-81e969c69a58
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
::1/128
127.0.0.0/8
Live Restore Enabled: false
Firewall Backend: iptables
Anything else?
No response
Description
docker compose raises a permission denied error, if there is a folder in the watch path with insufficient permissions even if it is in the ignore list.
Steps To Reproduce
minimal docker-compose.yml:
Created root owned folder:
This works as expected:
But watch prints a permission denied error:
root-owned-diris in the ignore list, so I expect that it does not care about its permissions.Compose Version
Docker Environment
Anything else?
No response