Can I modify the ownership for a shared folder in vagrant?

Asked 26/11, 2012 at 13:49 Answered 23/1, 2019 at 16:46

I use vagrant and chef to develop my own blog in a virtual machine. To have easy access to the wordpress folder I created a shared folder.

Basically the wordpress folder is on my host and gets mounted as shared folder in /var/www/wordpress in the VM. The configuration is similar to:

config.vm.share_folder "foo", "/guest/path", "/host/path"

My problem is that the ownership in my VM is always vagrant:vagrant even if I change it on my host. Ownership changes in the VM get ignored.

I cannot use chown to set the ownership of the upload directory to www-data:www-data.

It is possible to use chmod and change the access restrictions to 777, but this is a really ugly hack.

Here is what I actually want. Is this possible?:

Development: Access to the shared folder from my host.
Access Restriction: On the VM all files and folders should have proper and secure ownership and access restrictions.

Onceover answered 26/11, 2012 at 13:49 Comment(0)

As @StephenKing suggests you can change the options of the whole directory.

The relevant function is not documented but the source tells us:

# File 'lib/vagrant/config/vm.rb', line 53

def share_folder(name, guestpath, hostpath, opts=nil)
  @shared_folders[name] = {
    :guestpath => guestpath.to_s,
    :hostpath => hostpath.to_s,
    :create => false,
    :owner => nil,
    :group => nil,
    :nfs   => false,
    :transient => false,
    :extra => nil
  }.merge(opts || {})
end

Basically you can set group, owner and acl for the whole folder which is way better than setting everything to world writable on the host. I have not found any method to change the ownership of a nested directory.

Here is a quickfix:

config.vm.share_folder "v-wordpress", "/var/www/wordpress", "/host/path", :owner => "www-data", :group => "www-data"

Onceover answered 26/11, 2012 at 16:39 Comment(3)

Any idea how to do this with vagrant 1.2+? I believe the relevant file (for Virtualbox) is now plugins/providers/virtualbox/action/share_folders.rb. – Skirl 16/7, 2013 at 23:23

Multiple shared_folders on common intersecting directories seem to take into account the last definition. So for nested directories, you would simply add the directive (with owner: & group:) after – Mangan 13/4, 2015 at 9:21

For NFS mounted drives, use config.vm.synced_folder – Nevarez 8/7, 2016 at 15:11

@john-syrinek

in 1.2+

config.vm.synced_folder "src/", "/srv/website",
  owner: "root", group: "root"

http://docs.vagrantup.com/v2/synced-folders/basic_usage.html

Loats answered 31/10, 2013 at 12:16 Comment(1)

one thing worth noting is if you want to change permissions on the default synced_folder you need to use the syntax from this answer, https://mcmap.net/q/327613/-cannot-change-permissions-of-folders-within-vagrant-home-folder, which is: config.vm.synced_folder "./", "/vagrant", owner: 'root', group: 'root' – Rosenarosenbaum 10/3, 2014 at 21:46

You can allow changing the ownership inside the guest:

config.vm.share_folder "foo", "/guest/path", "/host/path", {:extra => 'dmode=777,fmode=777'}

Predominance answered 26/11, 2012 at 15:55 Comment(3)

using Vagrant 1.5.4, this approach didn't work for me. I added the above to my .kitchen.yml, modified my custom_app cookbook to call sudo chown -R kevin /my/path/share. Then I destroyed and provisioned my box again. yet vagrant still owns /my/path/share. Additionally, I tried the above command manually in the VM, yet the owner is still `vagrant. – Nomo 29/4, 2014 at 15:36

Using 1.7.4 I need to change this to config.vm.synced_folder ..., {:mount_options => [dmode=777, fmode=777] – Ansela 29/2, 2016 at 14:1

To make your vagrant box run a little bit more like a production server would, run dmode=775,fmode=664 instead of 777. Now when you deploy you should run into one less issue, because you're not depending on global write permissions. – Nevarez 8/7, 2016 at 15:13

As the other answers have pointed out you should probably set the correct owner and group using the owner and group configuration options.

However, sometimes that won't work (for example when the target user is only created later on during provision). In these cases, you can remount the share:

sudo mount -t vboxsf -o uid=`id -u www-data`,gid=`id -g www-data` /path/to/share /path/to/share

Catt answered 23/1, 2019 at 16:46 Comment(0)

Following up on @StephenKing and @aycokoster awesome tips, I had a use-case for mounting another directory read-only.

I added

config.vm.share_folder "foo", "/guest/path", "/host/path", :extra => 'ro'

and

# discard exit status because chown `id -u vagrant`:`id -g vagrant` /host/path is okay

vagrant up || true

Chancre answered 5/3, 2013 at 17:23 Comment(0)

Recommended topics

Hot tags