search

SemanticComputing / fuseki-docker

Apache Jena Fuseki with SeCo extensions
MIT License
33 stars 15 forks source link

sed: couldn't open temporary file /fuseki-base/configuration/seduXVqzT: Permission denied #19

Closed Lexachoc closed 1 year ago

Lexachoc commented 1 year ago

Hi, First, thank you for the docker image!

After I run it on a remote Ubuntu server. I encounter the sed: couldn't open temporary file /fuseki-base/configuration/seduXVqzT: Permission denied error when using volume in docker-compose.yml as below:

fuseki:
    image: secoresearch/fuseki
    volumes:
      - ./fastapi_app/data/fuseki/shiro.ini:/fuseki-base/shiro.ini
      - ./fastapi_app/data/fuseki/databases:/fuseki-base/databases
      - ./fastapi_app/data/fuseki/configuration:/fuseki-base/configuration
    environment:
      - ENABLE_DATA_WRITE=true
      - ENABLE_UPDATE=true
      - ENABLE_UPLOAD=true
      - QUERY_TIMEOUT=60000 # in milliseconds (60 seconds by default)
    networks:
      - default
      - proxy-net
    ports:
      - "3030:3030"
    restart: always

same issue with this one, but I can't find a way to fix it. (I know this must be related to the permission.)

Both volumes for /fuseki-base/shiro.ini and .ttl files in /fuseki-base/configuration are not working.

The problem is that I also want to change the "shiro.ini" file to restrict access to the endpoints, but when I tried to copy it to the container, it showed up:

Error response from daemon: Error processing tar file(exit status 1): unlinkat /fuseki-base/shiro.ini: device or resource busy

and I also cannot use volume/bind mount for the shiro.ini as in my docker-compose.yml: sed: cannot rename /fuseki-base/sedMBBigJ: Device or resource busy

Do you have any idea how to deal with these issues?

Lexachoc commented 1 year ago

I finally fixed it by adding:

user: root

to the docker-compose.yml file which fixs the issue with sed: couldn't open temporary file.

As for the shiro.ini, instead of
using - ./fastapi_app/data/fuseki/shiro.ini:/fuseki-base/shiro.ini I change it to - ./fastapi_app/data/fuseki/shiro.ini:/jena-fuseki/shiro.ini

now the shiro.ini is replaced with my host shiro.ini!

So the compete settings are:

  fuseki:
    image: secoresearch/fuseki
    volumes:
      - ./fastapi_app/data/fuseki/shiro.ini:/jena-fuseki/shiro.ini
      - ./fastapi_app/data/fuseki/databases:/fuseki-base/databases
      - ./fastapi_app/data/fuseki/configuration:/fuseki-base/configuration
    user: root  # Run the container with root user
    environment:
      - ENABLE_DATA_WRITE=true
      - ENABLE_UPDATE=true
      - ENABLE_UPLOAD=true
      - QUERY_TIMEOUT=60000 # in milliseconds (60 seconds by default)
    networks:
      - default
      - proxy-net
    ports:
      - "3030:3030"
    restart: always

in case someone like me has the same problem.

But I don't know why I have a problem with the permit, to be honest. I'm using Pycharm+ Win10 to deploy to a remote Ubuntu server. and I'm not sure if there are any security concerns....

yoge1 commented 1 year ago

The cause for the error sed: couldn't open temporary file /fuseki-base/configuration/seduXVqzT: Permission denied seems to be related to file permissions. A workaround is to (as you found out) to run the container as the root user, or to give write permissions to the host directory ./fastapi_app/data/fuseki/configuration (seems to work on Linux, but not on Mac). Other possibility is to use a volume instead of a bind mount for /fuseki-base/configuration.

As it's perhaps slightly incongruent to both have an (explicit) assembler.ttl file in use and use environment variables to enable endpoints (as the environment variables cause modifications to the assembler.ttl file), I now added a note on this in README, saying that it is not encouraged to have/use them both. Instead, it is recommended to enable the endpoints by editing the file assembler.ttl acordingly.