Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run composer as non root #1532

Closed
jasperf opened this issue May 7, 2018 · 9 comments
Closed

Run composer as non root #1532

jasperf opened this issue May 7, 2018 · 9 comments
Labels
Stale

Comments

@jasperf
Copy link
Contributor

jasperf commented May 7, 2018
edited

Info:

  • Docker version ($ docker --version): Docker version 17.12.0-ce, build c97c6d6
  • Laradock commit ($ git rev-parse HEAD): 0c41fce
  • System info (Mac, PC, Linux): Linux
  • System info disto/version: Ubuntu 16.0.4

Issue:

Guide http://laradock.io/guides/#Digital-Ocean tells to run composer as root in workspace. That is discouraged

Expected behavior:

Should be a non root user that can work on this. Also the entire laravel setup following the guide is run under root. That is going to cause rights and permissions issues

Reproduce:

Follow the Digital Ocean production setup guide. Use Docker image at Digital Ocean. Do a docker-compose up -d nginx mariadb workspace. Let it all be installed Go into workspace using docker-compose exec workspace bash. Then go to /var/www/ and see that the guide tells you to run composer install as ROOT.

Do think the non root user laradock should be used instead no? But when I do run the composer install as laradock I get this

laradock@884cb7ea9243:/var/www$ composer install
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 70 installs, 0 updates, 0 removals

                                                            
  [RuntimeException]                                        
  /var/www/vendor does not exist and could not be created.  
                                                            

install [--prefer-source] [--prefer-dist] [--dry-run] [--dev] [--no-dev] [--no-custom-installers] [--no-autoloader] [--no-scripts] [--no-progress] [--no-suggest] [-v|vv|vvv|--verbose] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--ignore-platform-reqs] [--] [<packages>]...

laradock@884cb7ea9243:/var/www$ ll
total 108
drwxrwxr-x 13 1001 1001 4096 May  7 12:55 ./
drwxr-xr-x  1 root root 4096 May  7 13:04 ../
drwxrwxr-x  6 1001 1001 4096 May  7 12:55 app/
.......
@jasperf
Copy link
Contributor Author

jasperf commented May 7, 2018
edited

When I did a

root@e3ac39ce4546:/var# chown -R laradock:laradock www/
root@e3ac39ce4546:/var# su laradock
laradock@e3ac39ce4546:/var$ cd www/
laradock@e3ac39ce4546:/var/www$ ll
total 108
drwxr-xr-x 13 laradock laradock 4096 May  7 13:17 ./
drwxr-xr-x  1 root     root     4096 May  7 13:26 ../
drwxr-xr-x  6 laradock laradock 4096 May  7 13:17 app/
-rwxr-xr-x  1 laradock laradock 1686 May  7 13:17 artisan*
drwxr-xr-x  3 laradock laradock 4096 May  7 13:17 bootstrap/
..

I was able to run composer as laradock:

composer install
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 70 installs, 0 updates, 0 removals
  - Installing vlucas/phpdotenv (v2.4.0): Downloading (100%)         
  - Installing symfony/css-selector (v4.0.9): Downloading (100%) 
...

Still, would love to hear if this is better practice this way. Or if there are other, better and or easier ways.

@Dryr
Copy link
Contributor

Dryr commented May 8, 2018

That is strange, normally the '/var/www' folder should already be owned by the 'laradock' user.

I saw that the id of the owner of the folder is '1001'

laradock@884cb7ea9243:/var/www$ ll
total 108
drwxrwxr-x 13 1001 1001 4096 May  7 12:55 ./

I guess that's the user of your host machine.
Try to set the WORKSPACE_PUID and WORKSPACE_PGID to 1001 in laradock's '.env' file

@jasperf
Copy link
Contributor Author

jasperf commented May 13, 2018
edited

That is strange, normally the '/var/www' folder should already be owned by the 'laradock' user.

well when I follow the guide and install as root using git clone, then get into the workspace it shows all files owned by root @Dryr

docker-compose exec workspace bash
root@b2ab9230ab52:/var/www# ll
total 112
drwxr-xr-x 13 root root  4096 May 12 07:47 ./
drwxr-xr-x  1 root root  4096 May 12 08:01 ../
drwxr-xr-x  6 root root  4096 May 12 07:46 app/
-rwxr-xr-x  1 root root  1686 May 12 07:46 artisan*
drwxr-xr-x  3 root root  4096 May 12 07:46 bootstrap/
-rw-r--r--  1 root root 10676 May 12 07:46 CHANGELOG.md
-rw-r--r--  1 root root  1477 May 12 07:46 composer.json
drwxr-xr-x  2 root root  4096 May 12 07:46 config/
drwxr-xr-x  5 root root  4096 May 12 07:46 database/
-rw-r--r--  1 root root   234 May 12 07:46 .editorconfig
-rw-r--r--  1 root root   651 May 12 07:46 .env.example
drwxr-xr-x  9 root root  4096 May 12 07:47 .git/
-rw-r--r--  1 root root   111 May 12 07:46 .gitattributes
-rw-r--r--  1 root root   155 May 12 07:46 .gitignore
-rw-r--r--  1 root root   101 May 12 07:47 .gitmodules
-rw-r--r--  1 root root  1022 May 12 07:46 package.json
-rw-r--r--  1 root root  1134 May 12 07:46 phpunit.xml
drwxr-xr-x  4 root root  4096 May 12 07:46 public/
-rw-r--r--  1 root root  3675 May 12 07:46 readme.md
drwxr-xr-x  5 root root  4096 May 12 07:46 resources/
drwxr-xr-x  2 root root  4096 May 12 07:46 routes/
-rw-r--r--  1 root root   563 May 12 07:46 server.php
drwxr-xr-x 18 root root  4096 May 12 07:51 laradock/
drwxr-xr-x  5 root root  4096 May 12 07:46 storage/
drwxr-xr-x  4 root root  4096 May 12 07:46 tests/
-rw-r--r--  1 root root   549 May 12 07:46 webpack.mix.js

And I think that is as all was git cloned as root. How do you normally set Laradock and an app up? Perhaps differently.

@ghost
Copy link

ghost commented Oct 7, 2018
edited by ghost

I'm facing a similar issue while using Laradock within my Jenkins testing process (Not the jenkins container from this package). There, Jenkins create the workspace and git pull my laravel app using the "jenkins:jenkins" user. Then I run git submodule add https://github.com/Laradock/laradock.git and that's my final workspace folder structure:

drwxr-xr-x 11 jenkins jenkins   4096 Oct  6 20:10 app
-rw-r--r--  1 jenkins jenkins   1686 Oct  6 20:10 artisan
drwxr-xr-x  3 jenkins jenkins   4096 Oct  6 20:10 bootstrap
drwxr-xr-x  2 jenkins jenkins   4096 Oct  6 20:10 breadcrumbs
-rw-r--r--  1 jenkins jenkins   3876 Oct  6 20:10 build.xml
-rw-r--r--  1 jenkins jenkins   3326 Oct  6 20:10 composer.json
-rw-r--r--  1 jenkins jenkins 281298 Oct  6 20:10 composer.lock
drwxr-xr-x  2 jenkins jenkins   4096 Oct  6 20:10 config
drwxr-xr-x  5 jenkins jenkins   4096 Oct  6 21:06 database
-rw-r--r--  1 jenkins jenkins    761 Oct  7 18:57 Jenkinsfile
drwxr-xr-x 56 jenkins jenkins   4096 Oct  7 05:21 laradock
-rw-r--r--  1 jenkins jenkins   1649 Oct  6 20:10 package.json
-rw-r--r--  1 jenkins jenkins 484478 Oct  6 20:10 package-lock.json
-rw-r--r--  1 jenkins jenkins    716 Oct  6 20:10 phpunit.dusk.xml
-rw-r--r--  1 jenkins jenkins   1040 Oct  6 20:44 phpunit.xml
drwxr-xr-x  2 jenkins jenkins   4096 Oct  7 04:11 public
-rw-r--r--  1 jenkins jenkins   1421 Oct  6 20:10 README.md
drwxr-xr-x  5 jenkins jenkins   4096 Oct  6 20:10 resources
drwxr-xr-x  2 jenkins jenkins   4096 Oct  6 20:10 routes
-rw-r--r--  1 jenkins jenkins    563 Oct  6 20:10 server.php
drwxr-xr-x  5 jenkins jenkins   4096 Oct  6 20:10 storage
drwxr-xr-x  5 jenkins jenkins   4096 Oct  6 20:10 tests
-rw-r--r--  1 jenkins jenkins   3299 Oct  6 20:10 webpack.mix.js

So far, so good.

During the process, i run docker-compose exec workspace bash and try install composer. Now my "vendor" folder is owned by "root:root". And i don't want this.

If i try set the user with docker-compose exec -u laradock workspace bash before composer install, then this message appears:

[RuntimeException]                                        
  /var/www/vendor does not exist and could not be created.

Furthermore, if i run the process as root, jenkins is unable to remove the vendor folder at the end of build.

@prezire
Copy link

prezire commented Feb 11, 2019

I see. So this is still ongoing.

@stale
Copy link

stale bot commented Feb 2, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the Stale label Feb 2, 2020
@stale
Copy link

stale bot commented Feb 23, 2020

Hi again 👋 we would like to inform you that this issue has been automatically closed 🔒 because it had not recent activity during the stale period. We really really appreciate your contributions, and looking forward for more in the future 🎈.

@stale stale bot closed this as completed Feb 23, 2020
@garbinmarcelo
Copy link
Contributor

garbinmarcelo commented Sep 22, 2020
edited

Hi, I just had the same problem, running laradock on an AWS EC2 Ubuntu 20.

I accessed the container by command: docker-compose exec --user=laradock workspace bash

Any solution for that?

image

@garbinmarcelo
Copy link
Contributor

If I access the command (without --user): docker-compose exec workspace bash

and run composer install, it works. but I don’t know if this is correct.

image

Any suggestion? is it correct to use as root?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jasperf @prezire @garbinmarcelo @Dryr