59

When I ssh in to my vagrant vm, I can change permissions of files and folders above and outside the vagrant user folder, and for files within the vagrant user folder. But cannot change permissions for folders under the vagrant user folder. I have the same problem whether logged in as the vagrant user and root.

Is there some sort of restriction on changing permissions in the vagrant user's folder? The vagrant user folder is not shared with the host OS, but the capistrano deploy folder and the docRoot are.

Guest is CentOS 6, Host is OS X 10.7. Vagrant is 1.0.5. Virtualbox is 4.2.1.

7 Answers 7

Reset to default
93

The format for shared folders changes across different versions of Vagrant. See Fabio's answer https://serverfault.com/questions/398414/vagrant-set-default-share-permissions

Vagrant version 1.3.1 and earlier

config.vm.share_folder "v-data", "/export", "/export", :owner => 'vagrant', :group => 'httpd', :extra => 'dmode=775,fmode=775'

Vagrant version 1.3.1, 1.3.2

In Vagrant 1.3.1 and later, the extra option has been replaced with mount_options that expects an array.

config.vm.share_folder "v-data", "/export", "/export", :owner => 'vagrant', :group => 'httpd', :mount_options => ['dmode=775', 'fmode=775']

Vagrant version >=1.3.3

In vagrant 1.3.3 it appears config.vm.share_folder has been replaced with config.vm.synced_folder.

config.vm.synced_folder "v-data", "/export", "/export", :owner => 'vagrant', :group => 'httpd', :mount_options => ['dmode=775', 'fmode=775']

9
  • Please comment if you have more information on Vagrant versions and share_folder and synced_folder commands. I have not tested each statement across each Vagrant version and could not find clear documentation. I did find this related Vagrant pull issue: github.com/mitchellh/vagrant/pull/1029
    – Greg Elin
    Sep 26, 2013 at 9:52
  • man, this needs upvoted more. There's pretty much no documentation on :mount_options for the newer versions; I had to figure it out through trial and error.
    – Amelia
    Oct 25, 2013 at 8:16
  • not sure about past versions of vagrant but the current version (1.4.3) needs the syntax @DavidSpreekmeester shows in his answer which he says worked in 1.2.7.
    – MatthewLee
    Mar 10, 2014 at 21:42
  • this works, but mostly for files and folders already created. i got problems by creating new files/folders on the host but within the guest sometimes i got weird behavior - i can see the files/folders by listing them, but cannot access them at all. when listing, i see no permissions at all, just questionmarks like ?????????? ? ? ? ? ? AppendStream.php . this problem disappears after i reboot the guest, i can access those ? files again under the config.vm.share_folder permissions. note i tried also 777
    – ulkas
    Aug 15, 2014 at 15:10
  • this behavior appears on linux host (mint) as well as on windows (7 64b) host
    – ulkas
    Aug 15, 2014 at 15:11
17

My issue might be related to yours.

I have a centos vm in vagrant as the guest and win7 as the host.

I can't actually change the permissions in the VM of any folders that are shared with the Host.

will report back if I discover anything useful. Discuss on google group here:

https://groups.google.com/forum/?fromgroups=#!topic/vagrant-up/2JvcoZTuWRI

UPDATE 1: I have also read that you can't create symlinks in shared folders.

UPDATE 2: It seems that I can't change the permissions in the virtual box after it's been created. However in the VagrantFile you can set the permissions on the shared folders to something that suites: I.E. 

config.vm.share_folder "v-data", "/export", "/export", :owner=> 'vagrant', :group=>'httpd', :extra => 'dmode=775,fmode=775'

here I have set the owner, group and the permissions that work for us.

I hope this helps.

4
  • 1
    it seems that I can't change the permissions in the virtual box after it's been created. However in the VagrantFile you can set the permissions on the shared folders to something that suites: I.E. config.vm.share_folder "v-data", "/export", "/export", :owner=> 'vagrant', :group=>'httpd', :extra => 'dmode=775,fmode=775'
    – Jamie.Good
    Nov 15, 2012 at 10:22
  • 6
    You can vagrant reload to apply these kinds of changes to Vagrantfiles.
    – Jon Burgess
    Mar 20, 2013 at 3:33
  • 7
    I prefer 'dmode=775,fmode=664'
    – wik
    Apr 19, 2013 at 1:34
  • Me too, except using Ansible to run Django database migrations I needed Django's manage.py to be executable. As there's no way to change the permissions for only that file, I had to use ['dmode=775', 'fmode=777'].
    – Phil Gyford
    Mar 2, 2016 at 14:21
9

In Vagrant 1.2.7, version 2 Vagrantfiles are used, so the syntax is slightly different than in previous answers. Underneath is what does the trick for me with CentOS 6.2. I find that using a relative path as the source works best in my situation. It points to the shared folder.

config.vm.synced_folder "./", "/vagrant", owner: 'vagrant', group: 'apache', extra: 'dmode=775,fmode=775'

As stated by Jamie, it still is necessary that you configure it before creation, so use a vagrant reload after you've edited your overriding Vagrantfile.

6

VirtualBox doesn't allow changing the owner/permissions for synced folders.

You can change it in the Vagrant file (as answered by others).
Consider changing the owner instead of the group.
Consider also that - if done so that your server can write to files - your server is likely called www-data instead of httpd. Use ps aux | grep nginx [or apache / lighthttpd] to check.

There are some other options:

  • Change the owner of the program that is accessing the shared files instead of the synced folder.
    For example, if PHP needs to write to file, change the server and PHP to run as vagrant. [In Apache, that's done in httpd.conf. NGINX's user is set in nginx.conf, php-fpm's user is in php-fpm.conf or one of the files it includes.
    You need to change the permissions on the Apache lockfile (/var/lock/apache2) or PHP websocket file (/var/run/php5-fpm.sock)] and webserver.
  • Use a different VM (HyperV, VMware) instead of VirtualBox. Other VM's dont seem to have this restriction.
  • Use RSyn to sync files instead of using the default syncing.
    config.vm.synced_folder "/var/www/", type: "rsync"
  • Set all the permissions to 777. Normally this would disastrous and not even a suggestion. It's still a bad idea, but on a VM is possibly doable. Think twice before giving shared access though.
    config.vm.synced_folder "/var/www/", mount_options: ["dmode=777", "fmode=666"]

These answers are better described by Ryan Sechreset and Jeremy Kendall.

5

Change the permissions form the host not the guest. VirtualBox disallows changing permissions on shared files form a guest os.

TLDR; The issue is not that the users on your guest don't have permissions to access your host files. The issue is the executing user of the virtaul box process on your host does not have permissions to write the files in the host. There are two sets of permissions. The guest permissions have to be set just like any other os. You also have to make sure that the virtual box process your guest os is running in has permissions to that folder. If that process only has read access the most any guest user will be able to do is read.

3
  • 3
    I've been having the same issue and this doesnt help as the users that exist on the Vagrant box do not exist on the host
    – RonnyKnoxville
    Oct 22, 2014 at 14:19
  • This actually helped me. It helps if synced_folders are set properly.
    – SasaT
    Apr 9, 2015 at 4:09
  • @JackalopeZero The issue is not that the users on your guest don't have permissions to access your host files. The issue is the executing user of the virtaul box process on your host does not have permissions to write the files. There are two sets of permissions. The guest permissions have to be set just like any other os. You also have to make sure that the virtual box process your guest os is running in has permissions to that folder. If that process only has read access the most any guest user will be able to do is read. Including admin users
    – Stewart
    Oct 9, 2015 at 0:57
2

Can't comment just yet, but to extend on MDeSilva's answer for Vagrant 1.7.2:

Might be obvious to some, but the group and owner should be in quotes.

group: "sync_group", owner: "sync_owner", mount_options: ['dmode=755, fmode=644']
1
  • Although vagrant is usually a development environment, there's still no reason for those permissions. Usually dmode=755 and fmode=644 with the web server (apache in this case) group being the group setting will be plenty.
    – domdambrogia
    Jan 16, 2017 at 5:54
0

For Vagrant 1.7.2 Edit Vagrant file like this,

group: sync_group, owner: sync_owner, mount_options: ['dmode=777', 'fmode=776']

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.