Docker/Rails - Permission denied # rb_sysopen - linux

I am getting a permission error when I try to get the container up by using docker-compose up -d Running this on macOS worked fine, tried to build the application on a new machine (Ubuntu), but it didnt work.
Exiting
/usr/local/bundle/gems/rack-2.2.3/lib/rack/server.rb:433:in `initialize': Permission denied # rb_sysopen - /home/api/limpar/current/tmp/pids/server.pid (Errno::EACCES)
Dockerfile
FROM ruby:2.7.1
ENV LANG C.UTF-8
ENV NODE_VERSION 12
ENV NODE_ENV production
ENV INSTALL_PATH /home/api/limpar/current
RUN curl -sL https://deb.nodesource.com/setup_$NODE_VERSION.x | bash -
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
RUN apt-get update -qq
RUN apt-get install -y --no-install-recommends nodejs postgresql-client yarn build-essential vim
RUN mkdir -p $INSTALL_PATH
WORKDIR $INSTALL_PATH
COPY Gemfile Gemfile.lock ./
RUN gem install bundler
RUN bundle install
COPY . $INSTALL_PATH
RUN rm -rf tmp
RUN useradd -Ms /bin/bash api -u 1001
RUN chown -R api:api /home/api /usr/local/bundle
USER api
EXPOSE 3000
CMD rails server -p 3000 -b 0.0.0.0
docker build runs with no failures.
Any missing points on Dockerfile, regarding user permissions?
Thanks in advance

Related

Docker run bash node: command not found [duplicate]

This question already has answers here:
Why `~/.bashrc` is not executed when run docker container?
(4 answers)
Closed 5 months ago.
I've the following Dockerfile
FROM ubuntu:latest
WORKDIR /
# Without interactive dialogue
ARG DEBIAN_FRONTEND=noninteractive
# Install required packages
RUN apt-get update
RUN apt-get install -y wget gnupg2 software-properties-common git apt-utils vim dirmngr apt-transport-https ca-certificates zip
ENV NODE_VERSION=14
RUN wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.37.2/install.sh | bash \
&& . .$HOME/.nvm/nvm.sh \
&& nvm install $NODE_VERSION \
&& nvm alias default $NODE_VERSION \
&& nvm use default
# Install Wine from WineHQ Repository
RUN dpkg --add-architecture i386
RUN wget -qO- https://dl.winehq.org/wine-builds/Release.key | apt-key add -
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv F987672F
RUN apt-add-repository 'deb https://dl.winehq.org/wine-builds/ubuntu/ bionic main'
RUN apt-get update
RUN apt-get install -y --install-recommends winehq-stable
# Installing mono
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
RUN sh -c 'echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic main" > /etc/apt/sources.list.d/mono-official-stable.list'
RUN apt-get update
RUN apt-get install -y mono-complete
RUN PROJECT_DIR=/root/project
WORKDIR /project
Which allows me to build electron Apps in no matter what platform I'm on. Everything works well. Image building and also running it as a container works with no issues.
I then can go ahead and manually do the following:
#build the dockerfile
docker build -t debian-wine-electron-builder:0.1 .
#run the docker image as detached container
docker run -dt --name electron-build -v ${PWD}:/project debian-wine-electron-builder:0.1
#open a bash session in the container
docker exec -it electron-build bash
#and in there execute my commands which will build me the electron application
npm install ... #and so on
I now want to created a bash file to run all the commands making it easier to use. So one just has to run the bash file and it executes all the commands one by one.
When I want to use the docker run command followed by a `bash -c "command1 ; command2" I run into the following issue:
#building the image
docker build -t debian-wine-electron-builder:0.1 .
#docker run following commands
docker run --name electron-build -v ${PWD}:/project debian-wine-electron-builder:0.1 bash -c "npm install... ; command2 ..."
Gives me this error when trying to npm install:
bash: npm: command not found
When you run bash interactively, your .bashrc file will be run. When you run the command directly on the docker run command, bash is run non-interactively and .bashrc isn't run.
NVM uses .bashrc to set things up, so it needs to run.
You can force bash into interactive mode with the -i option. Then it'll work, but you'll get some warnings because it tries to do some terminal stuff that fails.
docker run --name electron-build -v ${PWD}:/project debian-wine-electron-builder:0.1 bash -i -c "npm install... ; command2 ..."
If you don't use nvm to switch node versions on the fly, it might be better to install the node version you want without using nvm.

Docker run only works after build

I can build and run a container with
docker build -t hopperweb:v5-full -f Dockerfile . &&
docker run -p 127.0.0.1:3000:8080 --rm -ti hopperweb:v5-full
However when I run the container I get this error: standard_init_linux.go:211: exec user process caused "exec format error"
docker run -p 127.0.0.1:3000:8080 --rm -ti hopperweb:v5-full
Why is it working when it's run after &&??
I can run the image with bash: docker run -p 127.0.0.1:3000:8080 --rm -ti hopperweb:v5-full bash without issue.
This is my DockerFile
FROM ubuntu:18.04
RUN apt-get update
RUN apt-get install --yes curl
RUN apt-get install --yes sudo ## maybe not necessary, but helpful
RUN apt-get install --yes gnupg
RUN apt-get install --yes git ## not necessary, but helpful
RUN apt-get install --yes vim ## not necessary, but helpful
## INSTALL NPM
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo 'deb https://dl.yarnpkg.com/debian/ stable main' | sudo tee /etc/apt/sources.list.d/yarn.list
RUN apt-get update
RUN apt-get install --yes yarn
RUN apt-get install --yes npm
## COPY IN APP FILES
RUN mkdir /app
COPY hopperweb/ /app/hopperweb/
RUN chmod +x /app/hopperweb/start.sh
RUN /app/hopperweb/start.sh
The contents of start.sh:
#!/bin/bash
cd /app/hopperweb/
yarn start
In your first command, the docker run is never executed, as the last command (start.sh) is run during your build and it will never terminate. So you were still running docker build.
Change the following line
RUN /app/hopperweb/start.sh
to
CMD /app/hopperweb/start.sh
Do not confuse RUN with CMD. RUN actually runs a command and commits the result; CMD does not execute anything at build time, but specifies the intended command for the image.
See: https://docs.docker.com/engine/reference/builder/#cmd

Docker Volume overwriting file permissions

I have a Dockerfile where I bring in some files and change permissions.
I also have a docker-compose that creates a volume for nodemon to watch. I believe that these volumes are overwriting the permissions that I set. When I remove the volumes the app works but I don't get the server restarting. When the volumes are there the app crashes due to permissions. I've tried creating the volume first but perhaps I was doing that wrong.
FROM ubuntu:16.04
RUN apt-get update && apt-get install -y --no-install-recommends curl sudo
RUN curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
RUN apt-get install -y nodejs && \
apt-get install --yes build-essential
RUN apt-get install --yes npm
#VOLUME "/usr/local/app"
# Set up C++ dev env
RUN apt-get update && \
apt-get dist-upgrade -y && \
apt-get install gcc-multilib g++-multilib cmake wget -y && \
apt-get clean autoclean && \
apt-get autoremove -y
#wget -O /tmp/conan.deb -L https://github.com/conan-io/conan/releases/download/0.25.1/conan-ubuntu-64_0_25_1.deb && \
#dpkg -i /tmp/conan.deb
#ADD ./scripts/cmake-build.sh /build.sh
#RUN chmod +x /build.sh
#RUN /build.sh
RUN curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
RUN apt-get install -y nodejs sudo
RUN mkdir -p /usr/local/app
WORKDIR /usr/local/app
COPY package.json /usr/local/app
RUN ["npm", "install"]
RUN npm install --global nodemon
COPY . .
RUN echo "/usr/local/app/dm" > /etc/ld.so.conf.d/mythrift.conf
RUN echo "/usr/lib/x86_64-linux-gnu" >> /etc/ld.so.conf.d/mythrift.conf
RUN echo "/usr/local/lib64" >> /etc/ld.so.conf.d/mythrift.conf
RUN ldconfig
EXPOSE 9090
RUN ["chmod", "+x", "dm/dm3"]
RUN ["chmod", "777", "policy"]
RUN ls -al .
RUN npm -v
RUN node -v
notice at the end where i'm changing permissions.
version: '3'
services:
web:
build: .
volumes:
- .:/usr/local/app/
- /usr/app/node_modules
command: nodemon
ports:
- "3000:3000"
When you mount volumes into a docker container, the files inside are on a lower layer so they are hidden.
In your case, /usr/local/app from the Dockerfile is hidden. Its contents are the files from the host machine (the parent directory of docker-compose.yml). You should set the permissions in the host machine.

Docker-compose EACCESS error when spawning executable

I have a Dockerfile where I bring in some files and chmod some stuff. it's a node server that spawns an executable file.
FROM ubuntu:16.04
RUN apt-get update && apt-get install -y --no-install-recommends curl sudo
RUN curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
RUN apt-get install -y nodejs && \
apt-get install --yes build-essential
RUN apt-get install --yes npm
#VOLUME "/usr/local/app"
# Set up C++ dev env
RUN apt-get update && \
apt-get dist-upgrade -y && \
apt-get install gcc-multilib g++-multilib cmake wget -y && \
apt-get clean autoclean && \
apt-get autoremove -y
#wget -O /tmp/conan.deb -L https://github.com/conan-io/conan/releases/download/0.25.1/conan-ubuntu-64_0_25_1.deb && \
#dpkg -i /tmp/conan.deb
#ADD ./scripts/cmake-build.sh /build.sh
#RUN chmod +x /build.sh
#RUN /build.sh
RUN curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
RUN apt-get install -y nodejs sudo
RUN mkdir -p /usr/local/app
WORKDIR /usr/local/app
COPY package.json /usr/local/app
RUN ["npm", "install"]
COPY . .
RUN echo "/usr/local/app/dm" > /etc/ld.so.conf.d/mythrift.conf
RUN echo "/usr/lib/x86_64-linux-gnu" >> /etc/ld.so.conf.d/mythrift.conf
RUN echo "/usr/local/lib64" >> /etc/ld.so.conf.d/mythrift.conf
RUN ldconfig
EXPOSE 9090
RUN chmod +x dm/dm3
RUN ldd dm/dm3
RUN ["chmod", "+x", "dm/dm3"]
RUN ["chmod", "777", "policy"]
RUN ls -al .
CMD ["nodejs", "app.js"]
it works all fine but when I use docker-compose for the purpose of having an autoreload dev enviornment in docker, I get an EACCES error when spawning the executable process.
version: '3'
services:
web:
build: .
command: npm run start
volumes:
- .:/usr/local/app/
- /usr/app/node_modules
ports:
- "3000:3000"
I'm using nodemon to restart the server on changes, hence the volumes in the compose. woulds love to get that workflow up again.
I think that you problem is how you wrote the docker-compose.yml file.
I think that the line command doesn't necessary because you
especified how start the program in Dockerfile.
Could you try to run this lines?
version: '3'
services:
web:
build:
context: ./
dockerfile: Dockerfile
volumes:
- .:/usr/local/app/
- /usr/app/node_modules
ports:
- "3000:3000"
Otherwise, I think that the volumes property doesn't share /usr/app/node_modules. And I think that this is bad practice. You can run "npm install" in your Dockerfile
I hope that you could understand me =)

Docker - Node.js + MongoDB - "Error: failed to connect to [localhost:27017]"

I am trying to create a container for my Node app. This app uses MongoDB to ensure some data persistence.
So I created this Dockerfile:
FROM ubuntu:latest
# --- Installing MongoDB
# Add 10gen official apt source to the sources list
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
RUN echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | tee /etc/apt/sources.list.d/10gen.list
# Hack for initctl not being available in Ubuntu
RUN dpkg-divert --local --rename --add /sbin/initctl
RUN ln -s /bin/true /sbin/initctl
# Install MongoDB
RUN apt-get update
RUN apt-get install mongodb-10gen
# Create the MongoDB data directory
RUN mkdir -p /data/db
CMD ["usr/bin/mongod", "--smallfiles"]
# --- Installing Node.js
RUN apt-get update
RUN apt-get install -y python-software-properties python python-setuptools ruby rubygems
RUN add-apt-repository ppa:chris-lea/node.js
# Fixing broken dependencies ("nodejs : Depends: rlwrap but it is not installable"):
RUN echo "deb http://archive.ubuntu.com/ubuntu precise universe" >> /etc/apt/sources.list
RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise universe" >> /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y nodejs
# Removed unnecessary packages
RUN apt-get purge -y python-software-properties python python-setuptools ruby rubygems
RUN apt-get autoremove -y
# Clear package repository cache
RUN apt-get clean all
# --- Bundle app source
ADD . /src
# Install app dependencies
RUN cd /src; npm install
EXPOSE 8080
CMD ["node", "/src/start.js"]
Then I build and launch the whole thing through:
$ sudo docker build -t aldream/myApp
$ sudo docker run aldream/myApp
But the machine displays the following error:
[error] Error: failed to connect to [localhost:27017]
Any idea what I am doing wrong? Thanks!
Do you actually docker run aldream/myApp? In that case, with the Dockerfile that you provided, it should run MongODB, but not your app. Is there another CMD command, or another Dockerfile, or are you running docker run aldream/myApp <somethingelse>? In the latter case, it will override the CMD directive and MongoDB will not be started.
If you want to run multiple processes in a single container, you need a process manager (like e.g. Supervisor, god, monit) or start the processes in the background from a script; e.g.:
#!/bin/sh
mongod &
node myapp.js &
wait
Redefine your Dockerfile as follows;
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# ENTRYPOINT should not be used as it wont allow commands from run to be executed
# Define mountable directories.
VOLUME ["/data/db"]
# Expose ports.
# - 27017: process
# - 28017: http
# - 9191: web app
EXPOSE 27017 28017 9191
ENTRYPOINT ["/usr/bin/supervisord"]
supervisord.conf will contain the following;
[supervisord]
nodaemon=true
[program:mongod]
command=/usr/bin/mongod --smallfiles
stdout_logfile=/var/log/supervisor/%(program_name)s.log
stderr_logfile=/var/log/supervisor/%(program_name)s.log
autorestart=true
[program:nodejs]
command=nodejs /opt/app/server/server.js

Resources