I have several files in a directory on the host machine which I am trying to copy to the container and also have some run commands inside my docker-compose.
The first set up until the crowd section stats woks fine, but anything from the crown jar down just fails and doesn't work. I tried to run the manial docker cp command to copy the files from host to the container and that works. Can someone please shed some light on this?
This is a part of my Dockerfile:
WORKDIR /usr/local/tomcat
USER root
COPY server.xml conf/server.xml
RUN chmod 660 conf/server.xml
USER root
ADD tomcat.keystore /usr/local/tomcat/
RUN chmod 644 tomcat.keystore
RUN chown root:staff /usr/local/tomcat/tomcat.keystore
ADD crowd-auth-filter-1.0.0.jar /usr/local/tomcat/webapps/guacamole/WEB-INF/lib/
ADD crowd-filter.properties /usr/local/tomcat/webapps/guacamole/WEB-INF/lib/
RUN chmod 644 crowd-filter.properties
ADD web.xml /usr/local/tomcat/webapps/guacamole/WEB-INF/
RUN /usr/local/tomcat/bin/shutdown.sh
RUN /usr/local/tomcat/bin/startup.sh
Thanks
Related
hi i need to chmod this file /root/Desktop/folderdocker/index.php
using chmod 774 command
here my dockerfile:
FROM php:7.4-cli
copy . index.php
RUN chmod -R 774 /Dekstop/folderdocker/index.php
RUN chown -R root /var/www
output:
Sending build context to Docker daemon 342.9MB
Step 1/4 : FROM php:7.4-cli
---> f4f453029716
Step 2/4 : copy . index.php
---> Using cache
---> bc9a68fff22f
Step 3/4 : RUN chmod -R 774 /Dekstop/folderdocker/index.php
---> Running in 4ddc85713576
chmod: cannot access '/Dekstop/folderdocker/index.php': No such file or directory```
You are copying the directory of the Dockerfile into a dir called index.php in the root of your image. Then you are referencing a file in a path that does not exist.
Make sure index.php is next to your Dockerfile, for the next command to work, or you would need to modify the source path.
You should COPY index.php /some/path/or/just/root/index.php make sure you RUN mkdir if the path does not exist. And then you can chown the file.
In order to be able to see the image you are inheriting from you can run:
docker run -it php:7.4-cli sh to get a shell in it and see the available dirs.
RUN adduser -D appUser
RUN mkdir /usr/share/app
RUN mkdir /logs
ADD Function/target/foo.jar /usr/share/app
WORKDIR /usr/share/app
RUN chown -R appUser /usr/share/app
RUN chown -R appUser /logs
USER appUser
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "foo.jar"]`
I've got this weird issue I can't seem to work my head around.
My root folder contains two directories, (both with subdirectories) 'Demo/Dockerfile' and 'Function/target/foo.jar'
I have a copy command in my Dockerfile that reads
COPY Function/target/foo.bar /usr/share/app
but when I run docker build -f Demo/Dockerfile from the root folder, I get an error
stat /var/lib/docker/tmp/docker-builder238823934/Function/target/foo.jar: no such file or directory
I find this a bit strange because when I edit the copy command to read COPY /target/foo.bar /usr/share/app and then I cd into the Function directory and run
docker build -f ../Demo/Dockerfile
it builds successfully, or if I edit the Dockerfile to read COPY foo.bar /usr/share/app and then cd into the target directory and run docker build -f ../../Demo/Dockerfile, this also works.
Is there an explanation for this sort of behavior?
This is what my dockerignore file looks like
!**/Dockerfile
!DockerServiceDescription/**
!Function/target/*.war
!server.xml
!tomcat-users.xml
Docker uses context directory and children only and does not allow using any files outside for security reasons.
You should show context directory to docker using '.' or so:
cd myproject
docker build -f Demo/Dockerfile .
Seems like a basic issue but couldnt find any answers so far ..
When using ADD / COPY in Dockerfile and running the image on linux, the default file permission of the file copied in the image is 644. The onwner of this file seems to be as 'root'
However, when running the image, a non-root user starts the container and any file thus copied with 644 permission cannot execute this copied/added file and if the file is executed at ENTRYPOINT it fails to start with permission denied error.
I read in one of the posts that COPY/ADD after Docker 1.17.0+ allows chown but in my case i dont know who will be the non-root user starting so i cannot set the permission as that user.
I also saw another work around to ADD/COPY files to a different location and use RUN to copy them from the temp location to actual folder like what am doing below. But this approach doesnt work as the final image doesnt have the files in /otp/scm
#Installing Bitbucket and setting variables
WORKDIR /tmp
ADD atlassian-bitbucket-${BITBUCKET_VERSION}.tar.gz .
COPY bbconfigupdater.sh .
#Copying Entrypoint script which will get executed when container starts
WORKDIR /tmp
COPY entrypoint.sh .
RUN ls -lrth /tmp
WORKDIR /opt/scm
RUN pwd && cp /tmp/bbconfigupdater.sh /opt/scm \
&& cp /tmp/entrypoint.sh /opt/scm \
&& cp -r /tmp/atlassian-bitbucket-${BITBUCKET_VERSION} /opt/scm \
&& chgrp -R 0 /opt/ \
&& chmod -R 755 /opt/ \
&& chgrp -R 0 /scm/bitbucket \
&& chmod -R 755 /scm/bitbucket \
&& ls -lrth /opt/scm && ls -lrth /scmdata
Any help is appreciated to figure out how i can get my entrypoint script copied to the desired path with execute permissions set.
The default file permission is whatever the file permission is in your build context from where you copy the file. If you control the source, then it's best to fix the permissions there to avoid a copy-on-write operation. Otherwise, if you cannot guarantee the system building the image will have the execute bit set on the files, a chmod after the copy operation will fix the permission. E.g.
COPY entrypoint.sh .
RUN chmod +x entrypoint.sh
A better option with newer versions of docker (and which didn't exist when this answer was first posted) is to use the --chmod flag (the permissions must be specified in octal at last check):
COPY --chmod=0755 entrypoint.sh .
You do not need to know who will run the container. The user inside the container is typically configured by the image creator (using USER) and doesn't depend on the user running the container from the docker host. When the user runs the container, they send a request to the docker API which does not track the calling user id.
The only time I've seen the host user matter is if you have a host volume and want to avoid permission issues. If that's your scenario, I often start the entrypoint as root, run a script called fix-perms to align the container uid with the host volume uid, and then run gosu to switch from root back to the container user.
A --chmod flag was added to ADD and COPY instructions in Docker CE 20.10. So you can now do.
COPY --chmod=0755 entrypoint.sh .
To be able to use it you need to enable BuildKit.
# enable buildkit for docker
DOCKER_BUILDKIT=1
# enable buildkit for docker-compose
COMPOSE_DOCKER_CLI_BUILD=1
Note: It seems to not be documented at this time, see this issue.
I'm trying to build a docker image for jenkins that automates the configuration of the server. I'd like to use yaml for my config files. For that I need to make snakeyaml available to the groovy grapes. Here is my docker file
FROM jenkins/jenkins:2.107.3
ENV JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
USER root
RUN mkdir -p /var/jenkins_home/files
RUN mkdir -p /var/jenkins_home/.groovy/grapes/org.yaml/snakeyaml/jars
RUN chown -R jenkins:jenkins /var/jenkins_home/files
RUN chown -R jenkins:jenkins /var/jenkins_home/.groovy/grapes/org.yaml/snakeyaml/jars
USER jenkins
COPY plugins.txt /usr/share/jenkins/ref/plugins.txt
RUN /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins.txt
COPY 03security.groovy /usr/share/jenkins/ref/init.groovy.d/03security.groovy
COPY ivy-1.21.xml /var/jenkins_home/.groovy/grapes/org.yaml/snakeyaml/ivy-1.21.xml
COPY snakeyaml-1.21.jar /var/jenkins_home/.groovy/grapes/org.yaml/snakeyaml/jars/snakeyaml-1.21.jar
COPY mainConfig.yml /var/jenkins_home/files/mainConfig.yml
COPY 03mainConfig.groovy /usr/share/jenkins/ref/init.groovy.d/03mainConfig.groovy
I don't why I'm having this problem, but when I run the build I'm getting this error:
chown: cannot access '/var/jenkins_home/files': No such file or directory
I've run similar commands in other images and not had this issue, but it won't let me create or access that file and I get the same error when I exclude it and try with only the .groovy/grapes path.
Any help in this is appreciated. Also, if you know a working solution to get snakeyaml(or another library) loaded into a jenkins docker image then I'd like to see that too.
I guess it's because /var/jenkins_home/ is volume. If you run command docker history jenkins/jenkins you will see it.
<missing> 2 months ago /bin/sh -c #(nop) VOLUME [/var/jenkins_home] 0B
You can add your files you want to copy to /var/jenkins_home, to direcotry /usr/share/jenkins/ref
COPY *.xml /usr/share/jenkins/ref/
It means that all you xml files will be copied into /var/jenkins_home after container starts.
Im pulling a wordpress image and everything is working fine but when I go to the wordpress editor page the following error is on the top of screen.
Autoptimize cannot write to the cache directory (/var/www/html/wp-content/cache/autoptimize/), please fix to enable CSS/ JS optimization!
I assumed RUN chown -R www-data:www-data wp-content/ would solve that issue but its not working. Any ideas would be appreciated. My Dockerfile is below.
FROM wordpress:4.9.2-php7.2-apache
RUN chown -R www-data:www-data wp-content/
COPY ./src /var/www/html/
# Install the new entry-point script
COPY secrets-entrypoint.sh /secrets-entrypoint.sh
RUN chmod +x /secrets-entrypoint.sh
ENTRYPOINT ["/secrets-entrypoint.sh"]
EXPOSE 80
CMD ["apache2-foreground"]
I'm not sure the exact permission but you don't want to be writing inside a container so you should define a volume. Since you don't need the data to persist, you can do this in your dockerfile like:
VOLUME /var/www/html/wp-content/cache
This will set up a default volume where Docker will choose the location on your host, but you can mount it to a named volume instead when the container is created if you like.
You could also use a tmpfs volume which is good for things like cache files.