search

docker-library / postgres

Docker Official Image packaging for Postgres
http://www.postgresql.org
MIT License
2.2k stars 1.14k forks source link

chmod: changing permissions of '/var/run/postgresql': Operation not permitted #1144

Closed steakhutzeee closed 11 months ago

steakhutzeee commented 11 months ago

Hi,

I'm running this in my compose:

paperless-ngx_db:
    image: docker.io/library/postgres:15
    container_name: paperless-ngx_db
    user: 1000:100
    volumes:
      - /srv/dev-disk-by-label-HC2/AppData/paperless-ngx_db/data:/var/lib/postgresql/data
      - /etc/passwd:/etc/passwd:ro
    environment:
      - POSTGRES_DB=xxx
      - POSTGRES_USER=xxx
      - POSTGRES_PASSWORD=xxx
    restart: unless-stopped

So running it as another user.

In the logs I see:


01:10:05
chmod: changing permissions of '/var/run/postgresql': Operation not permitted
01:10:05
01:10:05
PostgreSQL Database directory appears to contain a database; Skipping initialization
01:10:05
01:10:07
2023-11-23 00:10:07.997 UTC [1] LOG:  starting PostgreSQL 15.5 (Debian 15.5-1.pgdg120+1) on arm-unknown-linux-gnueabihf, compiled by gcc (Debian 12.2.0-14) 12.2.0, 32-bit
01:10:08
2023-11-23 00:10:08.072 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
01:10:08
2023-11-23 00:10:08.072 UTC [1] LOG:  listening on IPv6 address "::", port 5432
01:10:08
2023-11-23 00:10:08.275 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
01:10:08
2023-11-23 00:10:08.661 UTC [17] LOG:  database system was shut down at 2023-11-22 23:55:29 UTC
01:10:09
2023-11-23 00:10:09.021 UTC [1] LOG:  database system is ready to accept connections

Read other issues about this but I'm not sure if my compose is ok and if I can just ignore this error.

Thanks!

LaurentGoderre commented 11 months ago

I am curious to know why you are overriding the user? The default user and group for postgres is 70:70

steakhutzeee commented 11 months ago

I am curious to know why you are overriding the user? The default user and group for postgres is 70:70

It's an habit, i run "all" containers rootless.

tianon commented 11 months ago

Yeah, it's OK to ignore this error -- our entrypoint specifically ignores errors from this command because it's intended to be a best-effort change that will fail in exactly the case you're in (running as non-root). :+1: