Mailwizz has a pretty convenient ‘one-command install’ available here. However I hit a snag when trying to run it
/root/mailwizz-install.sh: line 7: /var/www/mailwizz/html/apps/common/data/install-sql/schema.sql: Permission denied
The reason is SELinux doesn’t allow the docker daemon to read anything outside /usr/ directory. To give docker permission you need to use the z option. According to project Atomic:
If you want to volume mount content under
/var, for example, into a container you need to set the labels on this content. In the
docker runman page we mention this.
man docker-run ... When using SELinux, be aware that the host has no knowledge of container SELinux policy. Therefore, in the above example, if SELinux policy is enforced, the /var/db directory is not writable to the container. A "Permission Denied" message will occur and an avc: message in the host's syslog. To work around this, at time of writing this man page, the following command needs to be run in order for the proper SELinux policy type label to be attached to the host directory: # chcon -Rt svirt_sandbox_file_t /var/db
This got easier recently since Docker finally merged a patch which will be showing up in docker-1.7 (We have been carrying the patch in docker-1.6 on RHEL, CentOS, and Fedora).
This patch adds support forzandZas options on the volume mounts (-v).
docker run -v /var/db:/var/db:z rhel7 /bin/sh
Will automatically do the
chcon -Rt svirt_sandbox_file_t /var/dbdescribed in the man page.
Even better, you can use
docker run -v /var/db:/var/db:Z rhel7 /bin/sh
This will label the content inside the container with the exact MCS label that the container will run with, basically it runs
chcon -Rt svirt_sandbox_file_t -l s0:c1,c2 /var/dbwhere
s0:c1,c2differs for each container.
In essence, after you encounter the error above, navigate to the docker-compose.yml file and add ‘:z’ to the volumes, like this:
Then, rebuild the images with
docker-compose up --build --force-recreate --remove-orphans -d
Finally, run the installation command
docker exec -it mailwizz-php /root/mailwizz-install.sh
And voilà! Your Mailwizz server is now up and running.