I'm running 5 docker containers on Ubuntu 22.04. I have created a user and added to the group and logged in by
sudo su 'user'
I have installed virtualenv and running inside of it. All my commands are without sudo.
When i run docker-compose.yml , i see 2 warnings which are as follows:
1.The directory '/root/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you should use sudo's -H flag
2.Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
When i run the commands, there is clearly
(myEnv)user#instance-2:~/okuna-api$
which means the venv is activated.
I have already done the following :
sudo addgroup mygroup
sudo adduser user mygroup
sudo chown -R user:mygroup /home/user
sudo chmod -R g+rwX /home/user
sudo chmod 777 /var/run/docker.sock
This is a continuation to my question which isn't answered yet :
Django rest API : Python command-line .py execution: Stuck at a certain place
The core issue seems the permissions to the /root folder. I'm unable to find the right command to enable the user with read and write permissions to the root folder. Also,the docker group is created and I have already tried the following after adding user to the docker group:
sudo chown -R user:mygroup /root/.cache/pip/
But the warning still persists. I can't figure what else to do.kindky help.
Related
I have been trying to create a folder in /etc in ubuntu 20.10 but it is showing
mkdir: cannot create directory ‘wiki’: Permission denied
the above error message. how to resolve this
Thanks!...
You need to have root permission to create document. Your current user doesn't have root privileges. You can use $sudo mkdir /etc/wiki to create folder.
Another option is to add your user to sudo group. For example, your user name is 'ubuntu' the you can execute the following command to add user to sudo group
$ sudo usermod -aG sudo ubuntu
To verify user belongs to Sudo Group
$ groups ubuntu
Output
ubuntu : ubuntu sudo
Once you have added your user(ubuntu) to Sudo group, you don't have to use sudo with every command.
When I tried to install Python 3 through Homebrew,
I got the following message. How can I fix this error?
I’m not familiar with command line, so I would appreciate
if you could provide me with the exact commands to execute
to resolve the issue.
Error: The following directories are not writable by your user:
/usr/local/share/man/man7
You should change the ownership of these directories to your user.
sudo chown -R $(whoami) /usr/local/share/man/man7
And make sure that your user has write permission.
chmod u+w /usr/local/share/man/man7
You have to change ownership on the mentioned directory by running the command:
sudo chown -R $(whoami) /usr/local/share/man/man7
None of the other answers worked for me.
I solved it by running
sudo chown -R $(whoami) /usr/local/share
Instead of the specific path it was asking.
I was also getting the same error all of sudden while it was working fine till yesterday. well resolved it by changing the ownership with below command:-
sudo chown -R $<whoami>:<id -g> /usr/local/share/man/man7
id -g is to get the group name and whoami to get the username.
Came across this exact error recently when I tried to install mySQL : The following directories are not writable by your user:
I followed the below steps that fixed it :-
Run the below command lines in your terminal
brew doctor
This will take a while to run, once completed it will highlight some warnings that will help with debugging if any issues. For me, It prompted the below.
Broken symlinks were found. Remove them with brew cleanup
The issue was fixed finally after running brew cleanup, and I was able to then download MySQL with the below command with no issues.
brew install mysql
I am a newbie with server handling and Linux. I am trying to install composer on my server so that i can host my Laravel project onto it as mentioned in the tutorial in Ultimate Guide: Deploy Laravel 5.3 App on LEMP Stack. I ssh into the server and after installation of composer when I run sudo mv composer.phar /usr/local/bin/composer I am getting a message in the terminal:
-bash: sudo: command not found
I desperately need some deliberate help
Sudo is probably not installed or not in your path
check to see if you are root in this case sudo is not needed unless you are trying to impersonate another user. just run your command without sudo mv composer.phar /usr/local/bin/composer
See if sudo is your path by running which sudo or echo $PATH. If sudo is not in your path, your path variable might be broken. You can try testing this by executing a common location for sudo /usr/bin/sudo or running locate sudo | grep bin to attempt to find its location.
If you know that sudo was installed, or your path looks broken, try fixing your path. Check your distribution's env file (/etc/environment in ubuntu) to make sure that it is formatted correctly (script commands are illegal in this file)
If you are not root and you want to run a command with root prvileges then you must install sudo. But if you don't have sudo and you are not root then you can't install it. In this case I recommend switching to the root user with su
If you do not have the root password and you own the machine, you can reset the root password with a tutorial such as https://askubuntu.com/questions/24006/how-do-i-reset-a-lost-administrative-password
After you manage to login as root install sudo with apt-get update; apt-get install sudosince you are using Ubuntu.
Verify the the name of your sudoers group with visudo and modify your sudoers file if you need to. https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos
if you have an existing sudoers group or you create one you can add yourself to the group. For example if your sudoers group is called sudo run usermod -aG sudo myuser. The sudoers group by default in Ubuntu based Linux is sudo. A sudoers group entry looks like this: %sudo ALL=(ALL:ALL) ALL
If you are trying to impersonate another user and cannot install sudo, you can still use su if it is installed and you have permission / password for the other user.
e.g. su someuser
As suggested in this post, you may have to install sudo in your server.
To do that, log in as root with the following command: su -. Then install sudo with your package manager (if you're in Ubuntu: apt-get install sudo).
Then add your user to the sudo group: usermod -aG sudo <username>.
Finally type exit to log out of the root account and go back to your user.
try to install your sudo using by first logging in as a root(su - ) and then try to install **apt-get or yum sudo **. Make sure your path variable is set so that you would be able to get binary.
which sudo
echo $PATH
I have been trying to allow access to the normal user of an EC2 amazon server ('ec2-user') to a certain library.
I did: "sudo chown -R ec2-user /usr" which I realize now had been a fatal mistake. It worked, but sudo is gone. If I try to use sudo I get: "sudo: effective uid is not 0, is sudo installed setuid root?"
I tried "chmod u+s /usr" like it is suggested in another answer. It does not solve the issue.
I guess that there is something basic I am missing. Forgive my newb ignorance.
The suid bit of the permissions for sudo changes the effective user to the owner of the sudo command file, which you changed to be ec2-user. You need to give ownership of the sudo command back to root.
I'm trying to switch user to the tomcat7 user in order to setup SSH certificates.
When I do su tomcat7, nothing happens.
whoami still ruturns root after doing su tomcat7
Doing a more /etc/passwd, I get the following result which clearly shows that a tomcat7 user exists:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
messagebus:x:101:104::/var/run/dbus:/bin/false
colord:x:102:105:colord colour management daemon,,,:/var/lib/colord:/bin/false
saned:x:103:106::/home/saned:/bin/false
tomcat7:x:104:107::/usr/share/tomcat7:/bin/false
What I'm trying to work around is this error in Hudson:
Command "git fetch -t git#________.co.za:_______/_____________.git +refs/heads/*:refs/remotes/origin/*" returned status code 128: Host key verification failed.
This is my Dockerfile, it takes an existing hudson war file and config that is tarred and builds an image, hudson runs fine, it just can't access git due to certificates not existing for user tomcat7.
FROM debian:wheezy
# install java on image
RUN apt-get update
RUN apt-get install -y openjdk-7-jdk tomcat7
# install hudson on image
RUN rm -rf /var/lib/tomcat7/webapps/*
ADD ./ROOT.tar.gz /var/lib/tomcat7/webapps/
# copy hudson config over to image
RUN mkdir /usr/share/tomcat7/.hudson
ADD ./dothudson.tar.gz /usr/share/tomcat7/
RUN chown -R tomcat7:tomcat7 /usr/share/tomcat7/
# add ssh certificates
RUN mkdir /root/.ssh
ADD ssh.tar.gz /root/
# install some dependencies
RUN apt-get update
RUN apt-get install --y maven
RUN apt-get install --y git
RUN apt-get install --y subversion
# background script
ADD run.sh /root/run.sh
RUN chmod +x /root/run.sh
# expose port 8080
EXPOSE 8080
CMD ["/root/run.sh"]
I'm using the latest version of Docker (Docker version 1.0.0, build 63fe64c/1.0.0), is this a bug in Docker or am I missing something in my Dockerfile?
You should not use su in a dockerfile, however you should use the USER instruction in the Dockerfile.
At each stage of the Dockerfile build, a new container is created so any change you make to the user will not persist on the next build stage.
For example:
RUN whoami
RUN su test
RUN whoami
This would never say the user would be test as a new container is spawned on the 2nd whoami. The output would be root on both (unless of course you run USER beforehand).
If however you do:
RUN whoami
USER test
RUN whoami
You should see root then test.
Alternatively you can run a command as a different user with sudo with something like
sudo -u test whoami
But it seems better to use the official supported instruction.
As a different approach to the other answer, instead of indicating the user upon image creation on the Dockerfile, you can do so via command-line on a particular container as a per-command basis.
With docker exec, use --user to specify which user account the interactive terminal will use (the container should be running and the user has to exist in the containerized system):
docker exec -it --user [username] [container] bash
See https://docs.docker.com/engine/reference/commandline/exec/
In case you need to perform privileged tasks like changing permissions of folders you can perform those tasks as a root user and then create a non-privileged user and switch to it.
FROM <some-base-image:tag>
# Switch to root user
USER root # <--- Usually you won't be needed it - Depends on base image
# Run privileged command
RUN apt install <packages>
RUN apt <privileged command>
# Set user and group
ARG user=appuser
ARG group=appuser
ARG uid=1000
ARG gid=1000
RUN groupadd -g ${gid} ${group}
RUN useradd -u ${uid} -g ${group} -s /bin/sh -m ${user} # <--- the '-m' create a user home directory
# Switch to user
USER ${uid}:${gid}
# Run non-privileged command
RUN apt <non-privileged command>
Add this line to docker file
USER <your_user_name>
Use docker instruction USER
You should also be able to do:
apt install sudo
sudo -i -u tomcat
Then you should be the tomcat user. It's not clear which Linux distribution you're using, but this works with Ubuntu 18.04 LTS, for example.
There's no real way to do this. As a result, things like mysqld_safe fail, and you can't install mysql-server in a Debian docker container without jumping through 40 hoops because.. well... it aborts if it's not root.
You can use USER, but you won't be able to apt-get install if you're not root.