fix(docker): 针对已经存在的容器或后期新建的容器权限设置更新

2025-12-05 17:01:50 +08:00
parent 6b41e46f30
commit 8f783fd765
2 changed files with 55 additions and 15 deletions


@@ -1,19 +1,59 @@
#!/bin/bash #!/bin/bash
set -e
# 确保目录所有者为www-data, 组为www-data, 权限为755 # 设置全局umask
# 这是因为 PHP 进程实际运行时使用的是 Web 服务器用户(如 www-data而不是 root 用户 umask 0002
chown -R www-data:www-data /var/www/html
# 检查并创建必要的目录 echo "=== ThinkPHP Docker权限初始化 ==="
for dir in "/var/www/html/runtime" "/var/www/html/upload"; do
if [ ! -d "$dir" ]; then # 修复目录所有权和权限
fix_directory_permissions() {
local dir=$1
echo "修复目录权限: $dir"
# 确保目录存在
mkdir -p "$dir" mkdir -p "$dir"
echo "创建目录: $dir"
fi # 设置所有权
# 设置权限 chown -R www-data:www-data "$dir"
chmod -R 755 "$dir"
echo "设置权限: $dir -> 755" # 设置权限
chmod -R 775 "$dir"
# 设置setgid权限
chmod g+s "$dir"
# 尝试设置ACL如果支持
if command -v setfacl >/dev/null 2>&1; then
setfacl -d -m u:www-data:rwx -m u:root:rwx "$dir" 2>/dev/null || true
setfacl -Rm u:www-data:rwx "$dir" 2>/dev/null || true
fi
echo "$dir 权限设置完成"
}
# 处理所有需要权限的目录
directories=("runtime" "upload")
for dir in "${directories[@]}"; do
fix_directory_permissions "/var/www/html/$dir"
done done
# 验证权限
echo "=== 权限验证 ==="
echo "当前用户: $(whoami)"
echo "当前UID: $(id -u), GID: $(id -g)"
echo "当前umask: $(umask)"
# 测试写入权限
sudo -u www-data mkdir -p /var/www/html/runtime/test_dir 2>/dev/null && \
echo "✅ runtime目录新建子目录测试通过" || \
echo "❌ runtime目录新建子目录失败"
sudo -u www-data mkdir -p /var/www/html/upload/test_dir 2>/dev/null && \
echo "✅ upload目录新建子目录测试通过" || \
echo "❌ upload目录新建子目录失败"
echo "=== 启动应用 ==="
# 执行原有的启动命令 # 执行原有的启动命令
exec "$@" exec "$@"
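Review bot: `chmod -R 775 "$dir"` in fix_directory_permissions sets the execute bit and group write on every regular file under runtime/ and upload/, including user-uploaded content, and the following `chmod g+s "$dir"` reaches only the top-level directory, so subdirectories that already exist do not get setgid. Splitting by type keeps files non-executable and covers existing subdirectories: `find "$dir" -type d -exec chmod 2775 {} +` and `find "$dir" -type f -exec chmod 664 {} +`. The write test near the end leaves `test_dir` behind in both directories and discards stderr, so if `sudo` is missing from the image (not visible here) the script prints the failure line even though permissions are fine; removing the directory after the check and keeping stderr would make the result trustworthy. The `setfacl` calls also hide their errors with `2>/dev/null || true`, so a comment stating that ACLs are best-effort would help the next reader.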


@@ -7,17 +7,17 @@ loglevel=info
pidfile=/var/run/supervisord.pid pidfile=/var/run/supervisord.pid
[program:chmod] [program:chmod]
command=chown -R www-data:www-data ./runtime/ && chmod -R 755 ./runtime/ && chown -R www-data:www-data ./upload/ && chmod -R 755 ./upload/ command=/bin/bash -c "while true; do chmod -R 775 ./runtime/ ./uploads/ 2>/dev/null || true; sleep 30; done"
directory=/var/www/html directory=/var/www/html
autostart=true autostart=true
autorestart=false autorestart=true
startretries=3
startsecs=1
stopasgroup=true stopasgroup=true
killasgroup=true killasgroup=true
[program:php-fpm] [program:php-fpm]
command=php-fpm command=php-fpm
user=www-data
umask=0002
autostart=true autostart=true
autorestart=true autorestart=true
startretries=3 startretries=3
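Review bot: The new `[program:chmod]` command targets `./uploads/`, while the entrypoint script changed in this commit and the previous command both use `./upload/`; because stderr is discarded and `|| true` follows, the mismatch never surfaces and the upload directory is not touched by the loop. The line should read `chmod -R 775 ./runtime/ ./upload/`. The loop also re-applies execute and group-write bits to every file in those directories every 30 seconds as whatever user supervisord runs as (presumably root), which undoes any tighter per-file mode; if the setgid bit and `umask=0002` added here are enough for new files, the loop may not be needed at all. With `user=www-data` on php-fpm, confirm the pool config does not rely on the master starting as root (pid file, log paths, listening socket), since that is not visible in this hunk.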