Hi Marie, 

thanks for your observations!

The explanation for this behavior is, that the `basexhttp` Process inside the container runs as non-privileged user `basex` with an UID of 1984 & GID 0.
Usually processes inside docker containers will run as root and as such will be able to read & write from all volumes you mount *inside* your container.
Currently `basexhttp` does not do that.
It mounts your directory from your host OS as a volume insider your container, yet the fie/folder it still belongs to its original user (in your case UID 1000) but from inside the running docker image, a USER with UID 1984 wants to write to it. This fails.

Basically: 
 chown -R 1984 ~/Projects/Architextus/basex-xquery-server/data

Should make your data directory writable to that process — and if it were group writable it is still writable by your host OS.
As you write repo & webapp  from the host os only, there is no need to change ownership on those folders.

* Another approach I/we usually take is building my own docker image derived from basexhttp and ADD my project to the image.

FROM basex/basexhttp
ADD ./webapp /srv/basex/webapp
ADD ./repo /srv/basex/repo
ADD ./data /srv/basex/data


Any thoughts on this by other docker users? Lot’s of containers run privileged, but I am not sure if we really want this.




Let me know if you  need any more help!

Michael






Am 12.02.2019 um 14:42 schrieb Marie Starck <marie.starck@shaw.ca>:

Hello everyone,

So I am looking to add Docker to a BaseX webapp that is currently running properly on my local. In order to do that, I ran
docker run -ti -d
--publish 1984:1984
--publish 8984:8984
--volume ~/Projects/Architextus/basex-xquery-server/data:/srv/BaseXData
--volume ~/Projects/Architextus/basex-xquery-server/webapp:/srv/BaseXWeb
--volume ~/Projects/Architextus/basex-xquery-server/repo:/srv/BaseXRepo
basex/basexhttp:8.6.4

And while localhost:8984 shows me the regular BaseX introduction page, none of the rest endpoints work and I get this error when I try to access the webapp from my localhost:

Stopped at /srv/BaseXWeb/xqm/g-holismo.xqm, 136/24:
[bxerr:BXDB0002] Resource "/srv/BaseXData/DITA-AppResources/tbl.basex (Permission denied)" not found.

Stack Trace:
- /srv/BaseXWeb/xqm/g-holismo.xqm, 11/10

I checked the permissions on my docker container and it seems that the basex user only has permissions on WEB-INF but none of the volumes, BaseXData, BaseXRepo and BaseXWeb, those are shown as belonging to user 1000.

Has anyone experienced this before?

Thank you for any help or tip you could provide,

Marie