I am starting Postgresql image with following volume
/Users/me/Desktop/volumes/postgresql/data:/var/lib/postgresql/data
According to docker docs it should work as docker should have access to /Users directory on Mac OS. After creating & runing container I can see
that empty directory /Users/me/Desktop/volumes/postgresql/data is created however Postgres does not start and show these lines in log:
could not create directory "/var/lib/postgresql/data/global": Permission denied
What I am doing wrong?
Your directory belongs to a different User then the user, that the User that executes the container.
Could you change your directory like that for a start.
chmod 777 /Users/me/Desktop/volumes/postgresql/data
If you can start your container with this setting, then this missing permissions are the root cause.
You could then try to start your container with
run -u uid ...
and specify the userid of your user on macos.
You have to create the user in boot2docker too, i.e.
boot2docker ssh
sudo sh
adduser <anyuserid> -u <your uid>
I had the same problem.
What I done was the workaround by creating the folder inside the Virtual Box.
Set your docker-compose.yml postgresql folder:
/Users/me/Desktop/volumes/postgresql/data
to
/root/data
Enter at the Docker at Virtual Box and create the data folder
Related
I cannot start tensorflow with image download from tensorflow
I used docker on windows 10 and for error ouput said this:
WARNING: You are running this container as root, which can cause new files in
mounted volumes to be created as the root user on your host machine.
To avoid this, run the container by specifying your user's userid:
$ docker run -u $(id -u):$(id -g) args...
I try search a problem for google... but cannot found, my experience with docker is null
This is a warning specifying that to access/change the files created in the mounted directory you may require sudo and you may not be able to change such files as a non sudo user, since your docker container used sudo permissions while creating them.
A quick search shows that there are many blog references available, check these -
Docker creates files as root in mounted volume
Running a Docker container as a non-root user
Setup Docker for windows using windows subsystem linux
https://jtreminio.com/blog/running-docker-containers-as-current-host-user/
https://medium.com/better-programming/running-a-container-with-a-non-root-user-e35830d1f42a
https://docs.docker.com/install/linux/linux-postinstall/
I am trying to get the Superset running on ubuntu server. I have referenced the steps from Superset page as below:
git clone https://github.com/apache/incubator-superset/
cd incubator-superset/contrib/docker
# prefix with SUPERSET_LOAD_EXAMPLES=yes to load examples:
docker-compose run --rm superset ./docker-init.sh
# you can run this command everytime you need to start superset now:
docker-compose up
I have fixed the initial issues around right version of docker-compose and postgress address bind issue on port 5432. So after fixing those my docker compose run command
docker-compose run --rm superset ./docker-init.sh
works fine and it asks me to set up a user name and password.
Finally to get the container running I run the final command
docker-compose up.
On my mac, it would run redis, postrgre container and then give me a localhost:8088 for me to get access to Superset UI with login info.
However on Ubuntu, when I run that, I first get this:
So looks it is running redis and postgres containers fine.
But then it is giving me Permission denied errors to create some mkdir directory.
Pls note I am running it as root user.
Also, my docker compose version is fine with 1.23.2 and my docker along with docker-compose is installed under
/usr/bin/docker and not /usr/local/bin/docker.
But I think that shouldn't be an issue.
Any help where it is going wrong and how can I fix it?
Thanks
Edit:
Ok I looked at the same issue mentioned on Github. And used a suggestion of using it only for Production and not development in docker-compose.yml file.
It seems to not throw the same error now when I do
docker-compose up.
However when I open localhost:8088 it does not connect to the UI.
try this:
mkdir ../../assets
chmod -R 777 ../../superset/assets/
as set in docker-compose.yml#L64, it is using ../../superset as volume when in develop. However the container does not have any permission in the host so the solution is to make a directory by yourself and grant the necessary permissions on to it.
I am using the docker file for project API Sprout.
I want to launch the executable inside the docker container on a local file called open_api.json. Following the README, I run:
docker run -p 8000:8000 -v $(pwd)open_api.json:/api.json danielgtaylor/apisprout /api.json
But it fails with
[..datetime...] open /tmp/api.json: permission denied
How should I give the right permission / user to the file or container?
you need to give the api.json file the correct permissions.
for test give use:
chmod 777 api.json
. if it works change the permissions to something more restricted
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Step_by_Step_Guide/s1-navigating-ownership.html
I am trying to deploy a mariadb image on openshift origin. I am using mariadb:10.2.12 in my docker file. It works ok on local but I get following error when I try to deploy on openshift origin.
Initializing database
chown: changing ownership of '/var/lib/mysql/': Operation not permitted
Cannot change ownership of the database directories to the 'mysql'
user. Check that you have the necessary permissions and try again.
The chown command comes from mariadb:10.2.12 Docker file.
Initially I had the issue of root user which is not allowed on openshift origin, so now I am using
USER mysql
in the docker file. Now I don't get warning of running as root but still openshift origin don't like chown. Remember I am not the admin of origin, only a user. My docker file is as follows:
FROM mariadb:10.2.12
ENV MYSQL_DATABASE="db_profile"
COPY ./my.cnf /etc/mysql/my.cnf
COPY ./db_profile.sql /docker-entrypoint-initdb.d/
USER mysql
EXPOSE 3306
and on local I run it as follows:
docker build . -t laeeq/ligandprofiledb:0.0.1
docker run --name test-mysql -e MYSQL_ROOT_PASSWORD=mypassword -d laeeq/ligandprofiledb:0.0.1
Is there a workaround to solve this chown problem?
The MariaDB images on DockerHub don't follow good practice of not requiring to be run as root user.
You should instead use the MariaDB images provided by OpenShift. Eg:
centos/mariadb-102-centos7
See:
https://github.com/sclorg/mariadb-container
There should be an ability to select MariaDB from the service catalog browser in the OpenShift web console, or use the mariadb template from the command line.
$ ls -ld /var/lib
drwxr-xr-x 79 root root 4096 Oct 7 20:58 /var/lib
So, to change anything in that directory, including /var/lib/mysql/, you need to be root.
You should change ownership before USER mysql in Dockerfile or if you need to run container as a root you should define service account and make it privileged for your deployment. You can follow this https://github.com/openshift/origin/issues/9131#issuecomment-231952259
I am launch a jenkins docker container for CI work. And the host OS I am using is CoreOS. Inside the jenkins container, I also installed docker-cli in order to run build on docker containers in the host system. In order to do that, I use below configuration to mount /var/run on the jenkins container for mapper Docker socket:
volumes:
- /jenkins/data:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock:rw
when I launch the container and run docker command, I got below error:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.29/containers/json: dial unix /var/run/docker.sock: connect: permission denied
The /var/run is root permission but my user is jenkins. How can I solve the permission issue to allow jenkins user to use docker command through mapper socket?
I have tried below command but the container doesn't allow me to run sudo:
$ sudo usermod -a -G docker jenkins
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
sudo: no tty present and no askpass program specified
There's nothing magical about permissions in Docker: they work just like permissions outside of Docker. That is, if you want a user to have access to a file (like /var/run/docker.sock), then either that file needs to be owned by the user, or they need to be a member of the appropriate group, or the permissions on the file need to permit access to anybody.
Exposing /var/run/docker.sock to a non-root user is a little tricky, because typical solutions (just chown/chmod things from inside the container) will potentially break things on your host.
I suspect the best solution may be:
Ensure that /var/run/docker.sock on your host is group-writable (e.g., create a docker group on your host and make sure that users in that group can use Docker).
Pass the numeric group id of your docker group into the container as an environment variable.
Have an ENTRYPOINT script in your container that runs as root that (a) creates a group with a matching numeric gid, and (b) modifies the Jenkins users to be a member of that group, and then (c) exec your docker CMD as the jenkins user.
So, your entrypoint script might look something like this (assuming that you have passed in a value for $DOCKER_GROUP_ID in your docker-compose.yml):
#!/bin/sh
groupadd -g $DOCKER_GROUP_ID docker
usermod -a -G docker jenkins
exec runuser -u jenkins "$#"
You would need to copy this into your image and add the appropriate ENTRYPOINT directive to your Dockerfile.
You may not have the runuser command. You can accomplish something similar using sudo or su or other similar commands.