I have a project directory like this:
|-var/www
|-docker-compose.yml
|-app
|--uploads
|---photos
|-Dockerfile
This is my docker-compose.yml file:
myapp:
build:
context: myfolder
dockerfile: Dockerfile
container_name: flask
image: api/v1:01
restart: unless-stopped
environment:
APP_ENV: "prod"
APP_DEBUG: "False"
APP_PORT: 5000
volumes:
- appdata:/var/www
What I want:
I want to change app/uploads/photos this folder's permission to 777.This is an upload folder,so user can upload to this folder.
My Dockerfile now is look like this:
FROM python:3.6.8-alpine3.9
ENV GROUP_ID=1000 \
USER_ID=1000
WORKDIR /var/www/
ADD . /var/www/
RUN apk add --no-cache build-base libffi-dev openssl-dev ncurses-dev
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
RUN addgroup -g $GROUP_ID www
RUN adduser -D -u $USER_ID -G www www -s /bin/sh
USER www
EXPOSE 5000
After looking in this question,In order to achieve what I want,I tried below:
FROM python:3.6.8-alpine3.9
ENV GROUP_ID=1000 \
USER_ID=1000
WORKDIR /var/www/
ADD . /var/www/
RUN apk add --no-cache build-base libffi-dev openssl-dev ncurses-dev
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
RUN addgroup -g $GROUP_ID www
RUN adduser -D -u $USER_ID -G www www -s /bin/sh
RUN chown -R www:www /var/www
RUN chmod -R 777 /var/www/uploads
RUN chmod -R 777 /var/www/uploads/photos
USER www
EXPOSE 5000
But seems like the chmod command in my dockerfile is not taking effect.Cause whenever I upload some files to app/uploads/photos in my code,my nginx server keep getting this error:
PermissionError: [Errno 13] Permission denied: '/var/www/uploads/photos/myfilename.png'
Somebody please help.Please provide a solution for how to change the permission of a folder in Dockerfile.
UPDATE:
I tried to change the permission of /var/www/uploads after build the container and the container is running by doing below:
docker exec -it myapp /bin/sh
then run
chmod -R 777 /var/www/uploads
What I get is chmod: /var/www/uploads: Operation not permitted
Therefore I suspect the this error will also happened when the docker is building,then according to this answer from serverfault, I tried to modify the dockerfile to this:
FROM python:3.6.8-alpine3.9
ENV GROUP_ID=1000 \
USER_ID=1000
WORKDIR /var/www/
ADD . /var/www/
USER root
RUN chmod -R 777 /var/www/uploads
RUN addgroup -g $GROUP_ID www
RUN adduser -D -u $USER_ID -G www www -s /bin/sh
USER www
RUN apk add --no-cache build-base libffi-dev openssl-dev ncurses-dev
RUN pip install --upgrade pip
RUN pip install -r requirements.txt
EXPOSE 5000
But it still doesnt work.Look like my above approach is also wrong.Cause I already run in root in the dockerfile.But at the same time,when I access the container in host using docker exec,also getting Operation not permitted.
I am very new in Docker.Just cant figure it out how to get this done.
What I hope to know:
1) How to change the folder var/www/uploads to permission 777?
2) What is the problem causing I cant change the permission from my approach?
3) What is the better way to achieve this? (If any)
Related
I'm trying to make an Express server with access to sqlPackage for DACPAC-deployments.
This is the final stage in my Docker build:
FROM node:16-alpine
WORKDIR /usr/app
ARG SQLPACKAGE_URL=https://download.microsoft.com/download/f/0/9/f091c731-45be-48fa-ae84-bc28388e3ef8/sqlpackage-linux-x64-en-16.0.6161.0.zip
# Install sqlPackage
RUN apk add --no-cache wget unzip
RUN wget -progress=bar:force -q -O sqlpackage.zip $SQLPACKAGE_URL \
&& unzip -qq sqlpackage.zip -d /usr/app/sqlpackage \
&& chmod 777 /usr/app/sqlpackage \
&& chown -R node.node /usr/app/sqlpackage
COPY --from=ts-remover /usr/app ./
USER node
CMD ["main.js"]
ARG PORT=8080
EXPOSE $PORT
My node project cannot run the executable though. I've tried running it manually from within the container, but I get permission denied there too.
/usr/app $ whoami
node
/usr/app $ ls -l
total 41272
drwxrwxrwx 2 node node 20480 Sep 12 14:12 sqlpackage
/usr/app $ ./sqlpackage
/bin/sh: ./sqlpackage: Permission denied
Why can I not execute this file, even though the permissions seem to be correct?
This looks like a common issue so I checked a few SO posts but none of them solved my problem.
Here is my Dockerfile:
# MkDocs container
FROM python:3-alpine AS build-env
RUN apk add bash
RUN pip install --upgrade pip
RUN pip install pymdown-extensions \
&& pip install mkdocs \
&& pip install mkdocs-material \
&& pip install mkdocs-rtd-dropdown \
&& pip install mkdocs-git-revision-date-plugin \
&& pip install mkdocs-git-revision-date-localized-plugin \
&& pip install mkdocs-redirects
# executed at ~/Developer/MkDocs
RUN mkdir -p /home/mkdocs/
WORKDIR /home/mkdocs/
COPY . .
RUN mkdocs build -s
WORKDIR /
# Nginx container
FROM nginx:1.21.6-alpine
RUN apk add bash
EXPOSE 80
RUN cat /etc/nginx/nginx.conf
COPY nginx.conf /etc/nginx/nginx.conf
WORKDIR /
RUN mkdir -p /home/mkdocs
COPY --from=build-env /home/mkdocs/site/ /home/mkdocs/
RUN mv /home/mkdocs/* /usr/share/nginx/html/
RUN chown nginx:nginx /usr/share/nginx/html/*
USER nginx:nginx
And here is the command to run docker:
docker run -it --name mkdocs -p 8789:80 nginx
Running localhost:8789 only shows the default nginx homepage, not the built one of MkDocs. I also run docker exec -it --user root <PID> bash to check the directory /usr/share/nginx/html/ but the copied files are not there.
My other checks:
First, I'm 100% sure that the files built in the first stage works and exists
Second, this is what completely frustrated me out. If I run the docker using docker run -it --entrypoint=/bin/bash mkdocs:v1, I can actually see the built MkDocs files:
bash-5.1$ ls /usr/share/nginx/html
404.html 50x.html assets index.html search sitemap.xml sitemap.xml.gz
bash-5.1$
i am learning docker, i have created a Dockerfile like this :
FROM node:alpine
RUN addgroup -g 1001 -S appuser && adduser -u 1001 -S appuser -G appuser
RUN apk update && apk add bash
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
COPY ./wait-for-it.sh /usr/wait-for-it.sh
RUN chmod +x /usr/wait-for-it.sh
RUN chmod ugo+rwx /usr
RUN chown -R appuser:appuser /usr/src/app
USER appuser
COPY . .
And i have a docker-compose.override.yml like this
version: '3'
services:
main:
command: bash -c "/usr/src/app/wait-for-it.sh --timeout=0 mongo:27017 && npm run dev"
volumes:
- ./api/src:/usr/src/app/src
this is giving error in main container:
bash: /usr/src/app/wait-for-it.sh: Permission denied
Please help how can give permission to appuser. if i remove user creation everything works fine.
In docker it is common to run application containers as the root user. Remember this is the root user of the container not the host machine. If you do want to use a separate user to run the application within the container, I suggest you move the USER statement to the end of the Dockerfile and before that add a chown to update the ownership
I need to throw the ssh folder with the keys in docker.
Dockerfile:
FROM python:3.6-alpine3.12
RUN mkdir /code && mkdir /data
ADD . /code
WORKDIR /code
RUN pip3 install -r requirement && apk add git
RUN mkdir /root/.ssh && -v ~/.ssh:/root/.ssh
RUN apk add -y wget
Error when building:
/bin/sh: illegal option -
The command '/bin/sh -c -v ~/.ssh:/root/.ssh returned a non-zero code: 2
The shell does not recognize the command -v ~/.ssh:/root/.ssh
Try this:
FROM python:3.6-alpine3.12
ADD . /code
WORKDIR /code
RUN pip3 install -r requirement && \
apk add -y git wget && \
mkdir /data
COPY $HOME/.ssh /root/.ssh
PS: I added some Dockerfile's optimization for you
EDIT:
Copying sensitive data into your container is not a good idea unless you really know what you are doing.
If your application needs to connect to a remote server you own it would be better to generate new keys for it specifically and distribute them on your server (public key).
I'm trying to install apach2, libapache2-mod-wsgi-py3 and openssl in the container. I've removed some packages and fix typos in Dockerfile but the error is still there.
When i run docker-compose build my setup is running ok, until it hit the part in the Dockerfile where I'm initializing this install and I've got this error:
E: Unable to locate package RUN
E: Unable to locate package apt-get
E: Unable to locate package install
ERROR: Service 'web' failed to build: The command '/bin/sh -c apt-get update && apt-get install -y apache2 libapache2-mod-wsgi-py3 curl dpgk-sig RUN apt-get install -yq openssh-server' returned a non-zero code: 100
You can check the whole installation process here, and this is my Dockerfile:
FROM ubuntu:16.04
FROM python:3.5
ENV PYTHONUNBUFFERED 1
RUN cat /etc/passwd
RUN cat /etc/group
RUN apt-get update && apt-get install -y \
apache2 \
libapache2-mod-wsgi-py3 \
RUN apt-get install -y openssl
RUN mkdir /var/run/sshd
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache
RUN mkdir /code
WORKDIR /code
ADD requirements.txt /code/
RUN pip install -r requirements.txt
ADD . /code
EXPOSE 80
ADD config/apache/000-default.conf /etc/apache/sites-available/000-default.conf
ADD config/start.sh /tmp/start.sh
ADD src /var/www
RUN chown -R root:www-data /var/www
RUN chmod u+rwx,g+rx,o+rx /var/www
RUN find /var/www -type d -exec chmod u+rwx,g+rx,o+rx {} +
RUN find /var/www -type f -exec chmod u+rw,g+rw,o+r {} +
#essentially: CMD ["/usr/sbin/apachectl", "-D", "FOREGROUND"]
CMD ["/tmp/start.sh"]
Can someone explain me why is this happening, and how to fix it, thanks.
Your problem is this line:
libapache2-mod-wsgi-py3 \
The \ is a continuation and the next thing it sees is RUN so is treating that like a package (which it can't find). Lose the \ and it should work fine.