search

envygeeks / jekyll-docker

⛴ Docker images, and CI builders for Jekyll.
ISC License
998 stars 282 forks source link

Errno::EACCES: Permission denied @ rb_file_s_rename #303

Open sergio-ns opened 3 years ago

sergio-ns commented 3 years ago

Hello, after finding a workaround to #302 I've not got another permission denied problem.

See my docker-compose below.

version: '3'

services:
   new:
      image: jekyll/builder:latest
      container_name: jekyll_new
      volumes:
         - /share/DockerVolumes/jekyll:/srv/jekyll
      command: 'jekyll new mysite'

      environment:
         - JEKYLL_UID=1000
         - JEKYLL_GID=1000

User jekyll (UID/GID: 1000) has full privileges on dir /share/DockerVolumes/jekyll but the permission error seems to happen inside the container (I don't have a /homes/keyll directory on my system). When I run: docker-compose up new I get:

new_1    | ruby 2.7.1p83 (2020-03-31 revision a0c7c23c9c) [x86_64-linux-musl]
new_1    | Running bundle install in /srv/jekyll/mysite...
new_1    |   Bundler: Fetching gem metadata from https://rubygems.org/..........
new_1    |   Bundler: Fetching gem metadata from https://rubygems.org/.
new_1    |   Bundler: Resolving dependencies...
new_1    |   Bundler: Using public_suffix 4.0.6
new_1    |   Bundler: Using bundler 2.2.2
new_1    |   Bundler: Using colorator 1.1.0
new_1    |   Bundler: Using concurrent-ruby 1.1.7
new_1    |   Bundler: Using eventmachine 1.2.7
new_1    |   Bundler: Using http_parser.rb 0.6.0
new_1    |   Bundler: Using ffi 1.14.2
new_1    |   Bundler: Using forwardable-extended 2.6.0
new_1    |   Bundler: Using rb-fsevent 0.10.4
new_1    |   Bundler: Fetching rexml 3.2.4
new_1    |   Bundler: Using liquid 4.0.3
new_1    |   Bundler: Using mercenary 0.4.0
new_1    |   Bundler: Using rouge 3.26.0
new_1    |   Bundler: Using safe_yaml 1.0.5
new_1    |   Bundler: Using unicode-display_width 1.7.0
new_1    |   Bundler: Using addressable 2.7.0
new_1    |   Bundler: Using em-websocket 0.5.2
new_1    |   Bundler: Fetching i18n 1.8.7
new_1    |   Bundler: Using sassc 2.4.0
new_1    |   Bundler: Using rb-inotify 0.10.1
new_1    |   Bundler: Using pathutil 0.16.2
new_1    |   Bundler: Using terminal-table 2.0.0--- ERROR REPORT TEMPLATE -------------------------------------------------------

new_1    |   Bundler: Using terminal-table 2.0.0--- ERROR REPORT TEMPLATE -------------------------------------------------------
new_1    |   Bundler: # Error Report
new_1    |   Bundler:
new_1    |   Bundler: ## Questions
new_1    |   Bundler:
new_1    |   Bundler: Please fill out answers to these questions, it'll help us figure out
new_1    |   Bundler: why things are going wrong.
new_1    |   Bundler:
new_1    |   Bundler: - **What did you do?**
new_1    |   Bundler:
new_1    |   Bundler: I ran the command `/usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/exe/bundle install`
new_1    |   Bundler:
new_1    |   Bundler: - **What did you expect to happen?**
new_1    |   Bundler:
new_1    |   Bundler: I expected Bundler to...
new_1    |   Bundler:
new_1    |   Bundler: - **What happened instead?**
new_1    |   Bundler:
new_1    |   Bundler: Instead, what happened was...
new_1    |   Bundler:
new_1    |   Bundler: - **Have you tried any solutions posted on similar issues in our issue tracker, stack overflow, or google?**
new_1    |   Bundler:
new_1    |   Bundler: I tried...
new_1    |   Bundler:
new_1    |   Bundler: - **Have you read our issues document, https://github.com/rubygems/rubygems/blob/master/bundler/doc/contributing/ISSUES.md?**
new_1    |   Bundler:
new_1    |   Bundler: ...
new_1    |   Bundler:
new_1    |   Bundler: ## Backtrace
new_1    |   Bundler:
new_1    |   Bundler: ```
new_1    |   Bundler: Errno::EACCES: Permission denied @ rb_file_s_rename - (/home/jekyll/.local/share/gem/ruby/2.7.0/cache/rexml-3.2.4.gem,  #/usr/gem/cache/rexml-3.2.4.gem)
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:548:in `rename'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:548:in `block in mv'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:1588:in `block in fu_each_src_dest'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:1604:in `fu_each_src_dest0'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:1586:in `fu_each_src_dest'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/vendor/fileutils/lib/fileutils.rb:539:in `mv'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/source/rubygems.rb:491:in `download_gem'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/source/rubygems.rb:430:in `fetch_gem'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/source/rubygems.rb:122:in `install'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/installer/gem_installer.rb:67:in `install'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/installer/gem_installer.rb:18:in `install_from_spec'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/installer/parallel_installer.rb:163:in `do_install'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/installer/parallel_installer.rb:154:in `block in worker_pool'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/worker.rb:62:in `apply_func'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/worker.rb:57:in `block in process_queue'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/worker.rb:54:in `loop'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/worker.rb:54:in `process_queue'
new_1    |   Bundler: /usr/local/lib/ruby/gems/2.7.0/gems/bundler-2.2.2/lib/bundler/worker.rb:88:in `block (2 levels) in create_threads'
new_1    |   Bundler: ## Environment
new_1    |   Bundler:
new_1    |   Bundler: Bundler 2.2.2
new_1    |   Bundler: Platforms ruby, x86_64-linux-musl
new_1    |   Bundler: Ruby 2.7.1p83 (2020-03-31 revision a0c7c23c9cec0d0ffcba012279cd652d28ad5bf3) [x86_64-linux-musl]
new_1    |   Bundler: Full Path /usr/local/bin/ruby
new_1    |   Bundler: Config Dir /usr/local/etc
new_1    |   Bundler: RubyGems 3.2.2
new_1    |   Bundler: Gem Home /usr/gem
new_1    |   Bundler: Gem Path /home/jekyll/.local/share/gem/ruby/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/gem
new_1    |   Bundler: User Home /home/jekyll
new_1    |   Bundler: User Path /home/jekyll/.local/share/gem/ruby/2.7.0
new_1    |   Bundler: Bin Dir /usr/gem/bin
new_1    |   Bundler: OpenSSL
new_1    |   Bundler: Compiled OpenSSL 1.1.1g 21 Apr 2020
new_1    |   Bundler: Loaded OpenSSL 1.1.1g 21 Apr 2020
new_1    |   Bundler: Cert File /etc/ssl/cert.pem
new_1    |   Bundler: Cert Dir /etc/ssl/certs
new_1    |   Bundler: Tools
new_1    |   Bundler: Git 2.24.3
new_1    |   Bundler: RVM not installed
new_1    |   Bundler: rbenv not installed
new_1    |   Bundler: chruby not installed
new_1    |   Bundler: ```
new_1    |   Bundler:
new_1    |   Bundler: ## Bundler Build Metadata
new_1    |   Bundler: Built At 2020-12-17
new_1    |   Bundler: Git SHA d85cd5b7c3
new_1    |   Bundler: Released Version true
new_1    |   Bundler: ```
new_1    |   Bundler:
new_1    |   Bundler: ## Bundler settings
new_1    |   Bundler:
new_1    |   Bundler: ```
new_1    |   Bundler: disable_platform_warnings
new_1    |   Bundler: Set via BUNDLE_DISABLE_PLATFORM_WARNINGS: "true"
new_1    |   Bundler: app_config
new_1    |   Bundler: Set via BUNDLE_APP_CONFIG: "/usr/local/bundle"
new_1    |   Bundler: bin
new_1    |   Bundler: Set via BUNDLE_BIN: "/usr/local/bundle/bin"
new_1    |   Bundler: home
new_1    |   Bundler: Set via BUNDLE_HOME: "/usr/local/bundle"
new_1    |   Bundler: silence_root_warning
new_1    |   Bundler: Set via BUNDLE_SILENCE_ROOT_WARNING: true
new_1    |   Bundler: ```
new_1    |   Bundler:
new_1    |   Bundler: ## Gemfile
new_1    |   Bundler:
new_1    |   Bundler: ### Gemfile
new_1    |   Bundler:
new_1    |   Bundler: ```ruby
new_1    |   Bundler: source "https://rubygems.org"
new_1    |   Bundler: # Hello! This is where you manage which Jekyll version is used to run.
new_1    |   Bundler: # When you want to use a different version, change it below, save the
new_1    |   Bundler: # file and run `bundle install`. Run Jekyll with `bundle exec`, like so:
new_1    |   Bundler: #
new_1    |   Bundler: # bundle exec jekyll serve
new_1    |   Bundler: #
new_1    |   Bundler: # This will help ensure the proper Jekyll version is running.
new_1    |   Bundler: # Happy Jekylling!
new_1    |   Bundler: gem "jekyll", "~> 4.2.0"
new_1    |   Bundler: # This is the default theme for new Jekyll sites. You may change this to anything you like.
new_1    |   Bundler: gem "minima", "~> 2.5"
new_1    |   Bundler: # If you want to use GitHub Pages, remove the "gem "jekyll"" above and
new_1    |   Bundler: # uncomment the line below. To upgrade, run `bundle update github-pages`.
new_1    |   Bundler: # gem "github-pages", group: :jekyll_plugins
new_1    |   Bundler: # If you have any plugins, put them here!
new_1    |   Bundler: group :jekyll_plugins do
new_1    |   Bundler: gem "jekyll-feed", "~> 0.12"
new_1    |   Bundler: end
new_1    |   Bundler:
new_1    |   Bundler: # Windows and JRuby does not include zoneinfo files, so bundle the tzinfo-data gem
new_1    |   Bundler: # and associated library.
new_1    |   Bundler: platforms :mingw, :x64_mingw, :mswin, :jruby do
new_1    |   Bundler: gem "tzinfo", "~> 1.2"
new_1    |   Bundler: gem "tzinfo-data"
new_1    |   Bundler: end
new_1    |   Bundler:
new_1    |   Bundler: # Performance-booster for watching directories on Windows
new_1    |   Bundler: gem "wdm", "~> 0.1.1", :platforms => [:mingw, :x64_mingw, :mswin]
new_1    |   Bundler: ```
new_1    |   Bundler:
new_1    |   Bundler: ### Gemfile.lock
new_1    |   Bundler:
new_1    |   Bundler: ```
new_1    |   Bundler: <No /srv/jekyll/mysite/Gemfile.lock found>
new_1    |   Bundler: ```
new_1    |   Bundler:
new_1    |   Bundler: --- TEMPLATE END ----------------------------------------------------------------
new_1    |   Bundler:
new_1    |   Bundler: Unfortunately, an unexpected error occurred, and Bundler cannot continue.
new_1    |   Bundler:
new_1    |   Bundler: First, try this link to see if there are any existing issue reports for this error:
new_1    |   Bundler: https://github.com/rubygems/rubygems/search?q=Permission+denied+%40+rb_file_s_rename+-+%28%2Fhome%2Fjekyll%2F.local%2Fshare%2Fgem%2Fruby%2F2.7.0%2Fcache%2Frexml-3.2.4.gem%2C+%2Fusr%2Fgem%2Fcache%2Frexml-3.2.4.gem%29&type=Issues
new_1    |   Bundler:
new_1    |   Bundler: If there aren't any reports for this error yet, please create copy and paste the report template above into a new issue. Don't forget to anonymize any private data! The new issue form is located at:
new_1    |   Bundler: https://github.com/rubygems/rubygems/issues/new?labels=Bundler
jekyll_new exited with code 0
crudbetter commented 3 years ago

Very very similar problems here - I seemed to have made progress using JEKYLL_ROOTLESS rather than JEKYLL_UID and JEKYLL_GID (https://github.com/envygeeks/jekyll-docker/blob/master/repos/jekyll/copy/all/usr/jekyll/bin/entrypoint)

mehdisebbar commented 3 years ago

Observed same issue with jekyll/jekyll:4.2.0 Errno::EACCES: Permission denied @ rb_file_s_rename - (/home/jekyll/.local/share/gem/ruby/2.7.0/cache/rexml-3.2.5.gem, /usr/gem/cache/rexml-3.2.5.gem)

Does not seem to be related to a configuration issue but a problem within the container.

I confirm that using JEKYLL_ROOTLESS works as following

version: '3'

services:
   new:
      image: jekyll/builder:4.2.0
      container_name: jekyll
      volumes:
         - /share/DockerVolumes/jekyll:/srv/jekyll
      command: 'jekyll new mysite'

      environment:
         - JEKYLL_ROOTLESS=true
dotsoltecti commented 2 years ago

I can confirm this works with the current image jekyll/jekyll. The image jekyll/jekyll:pages still fails

mpetuska commented 2 years ago

Unfortunately doesn't work with the latest image. I can confirm that it does work with 4.2.0 image though.

envygeeks commented 2 years ago

Hey @mpetuska can you provide a log output with -e DEBUG=true?

mpetuska commented 2 years ago

Ok, not sure what's going on, but this now works for me (notice :z volumes)

podman run -ti --rm -w $PWD -v $PWD:$PWD:Z -e JEKYLL_ROOTLESS=1 --network=host docker.io/jekyll/jekyll:latest jekyll help
theory commented 1 year ago

I have run into this issue in Drone. I set these environment variables:

  environment:
    JEKYLL_ROOTLESS: "1"
    JEKYLL_UID: "0"
    JEKYLL_GID: "0"
    DEBUG: "true"

To no avail. The debug output suggests that the UID and GID are not set to 0, though:

+ su-exec jekyll /usr/local/bin/bundle clean
+ true
+ ruby --version
ruby 3.1.1p18 (2022-02-18 revision 53f5fc4236) [x86_64-linux-musl]
+ sup_args=
+ exe=/usr/local/bundle/bin/jekyll
+ '[' 4.2.2 '=' pages ]
+ '[' -x /usr/local/bundle/bin/jekyll ]
+ exec su-exec jekyll bundle exec ruby /usr/local/bundle/bin/jekyll build --destination _site
+ exe=/usr/local/bin/bundle
+ default-gem-permissions
+ set -e
++ id -u
+ '[' 1000 = 0 ']'
+ set -e
+ [[ ! -f Gemfile ]]
++ id -u
+ '[' 1000 '!=' 0 ']'
theory commented 1 year ago

I worked around this issue by first creating the directory:

  commands:
    - mkdir _site
    - jekyll build --destination _site

Without mkdir _site, it fails with:

jekyll 3.9.3 | Error:  Permission denied @ dir_s_mkdir - /drone/src/_site
/usr/local/lib/ruby/3.1.0/fileutils.rb:243:in `mkdir': Permission denied @ dir_s_mkdir - /drone/src/_site (Errno::EACCES)

(No idea why it says 3.9.3; I'm running jekyll/jekyll:4`.)