Describe the bug
When running openemr/openemr:flex-edge with both sites and the full code directory bind-mounted from the host (per the flex example) and EASY_DEV_MODE=1, the container still locks /var/www/localhost/htdocs/openemr/sites down to mode 500 (owner UNKNOWN:root) as soon as it starts. Apache can’t read the site directory, so the install requires a manual chmod after every restart.
To Reproduce
-
In docker-compose.yml, define the service as:
services:
openemr:
image: openemr/openemr:flex-edge
environment:
EASY_DEV_MODE: "1"
MYSQL_HOST: db
MYSQL_USER: openemr
# secrets for MYSQL_PASS, MYSQL_ROOT_PASS, OE_PASS, OIDC*, etc.
volumes:
- ../runtime/sites:/var/www/localhost/htdocs/openemr/sites
- ../runtime/code:/var/www/localhost/htdocs/openemr
- ../runtime/logs:/var/log/openemr
-
On the host, prep the volumes (apache UID 48):
sudo rm -rf runtime/code && sudo mkdir -p runtime/code
docker cp deployment-openemr-1:/var/www/localhost/htdocs/openemr/. runtime/code/
sudo chown -R 48:0 runtime/sites runtime/code
sudo find runtime/sites -type d -exec chmod 755 {} +
sudo find runtime/sites -type f -exec chmod 644 {} +
sudo chmod 550 runtime/sites/default && sudo chmod 440 runtime/sites/default/sqlconf.php
-
docker compose down openemr && docker compose up -d openemr to pull and start flex-edge.
-
Run cd deployment && ./scripts/openemr/verify_site_permissions.sh (or docker exec deployment-openemr-1 stat -c '%a %U:%G %n' /var/www/localhost/htdocs/openemr/sites) immediately after the container reports healthy.
-
Observe the output:
[FAIL] sites root: expected mode 755, got 500
owner UNKNOWN:root /var/www/localhost/htdocs/openemr/sites
Expected behavior
/var/www/localhost/htdocs/openemr/sites (and default/sqlconf.php) should remain at 755/550/440 with owner apache:root throughout the container lifecycle so Apache can serve the site without manual intervention.
Client configuration
- OpenEMR version:
openemr/openemr:flex-edge (latest published, pulled Nov 18, 2025)
- Operating system: Debian-based GCE VM running Docker Engine 29 + Docker Compose (Traefik reverse proxy, MariaDB 11.4)
Let me know if additional logs or compose files would help; I’m happy to provide them.
Describe the bug
When running
openemr/openemr:flex-edgewith bothsitesand the full code directory bind-mounted from the host (per the flex example) andEASY_DEV_MODE=1, the container still locks/var/www/localhost/htdocs/openemr/sitesdown to mode500(ownerUNKNOWN:root) as soon as it starts. Apache can’t read the site directory, so the install requires a manualchmodafter every restart.To Reproduce
In
docker-compose.yml, define the service as:On the host, prep the volumes (apache UID 48):
docker compose down openemr && docker compose up -d openemrto pull and start flex-edge.Run
cd deployment && ./scripts/openemr/verify_site_permissions.sh(ordocker exec deployment-openemr-1 stat -c '%a %U:%G %n' /var/www/localhost/htdocs/openemr/sites) immediately after the container reports healthy.Observe the output:
Expected behavior
/var/www/localhost/htdocs/openemr/sites(anddefault/sqlconf.php) should remain at 755/550/440 with ownerapache:rootthroughout the container lifecycle so Apache can serve the site without manual intervention.Client configuration
openemr/openemr:flex-edge(latest published, pulled Nov 18, 2025)Let me know if additional logs or compose files would help; I’m happy to provide them.