search

jlesage / docker-nginx-proxy-manager

Docker container for Nginx Proxy Manager
MIT License
770 stars 173 forks source link

chown: /config: Permission denied #228

Closed Hari-keerthan closed 2 years ago

Hari-keerthan commented 2 years ago

[root@hadoop-master docker]# docker run -d -p 8181:8181 -p 8080:8080 -p 4443:4443 -v /test:/config:rw jlesage/nginx-proxy-manager 89365d75d8a0a51cb57e55f76763041c047cb7b9b136ec408af59796208b4a35 [root@hadoop-master docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 89365d75d8a0 jlesage/nginx-proxy-manager "/init" 1 second ago Up Less than a second 0.0.0.0:4443->4443/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:8181->8181/tcp pedantic_ptolemy [root@hadoop-master docker]# docker container logs 89365d75d8a0 [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... chown: /config: Permission denied [cont-init.d] 00-take-config-ownership.sh: ERROR: Failed to take ownership and no write permission on /config. [cont-init.d] 00-take-config-ownership.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. [root@hadoop-master docker]# [root@hadoop-master docker]#

Hari-keerthan commented 2 years ago

[root@hadoop-master docker]# docker run -d -p 8181:8181 -p 8080:8080 -p 4443:4443 -v /docker/appdata/nginx-proxy-manager:/config:rw jlesage/nginx-proxy-manager 078e6ab4de9a622f80841bffa3251814c1488ceef4b5b6075990ae2d563bda7e [root@hadoop-master docker]# docker container logs 078e6ab4de9a622f80841bffa3251814c1488ceef4b5b6075990ae2d563bda7e [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... chown: /config: Permission denied chown: /config: Permission denied [cont-init.d] 00-take-config-ownership.sh: ERROR: Failed to take ownership and no write permission on /config. [cont-init.d] 00-take-config-ownership.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. [root@hadoop-master docker]#

jlesage commented 2 years ago

You probably need to set USER_ID and GROUP_ID so that the container can write to /docker/appdata/nginx-proxy-manager ?

Hari-keerthan commented 2 years ago

[root@hadoop-master ~]# docker run -d -p 8181:8181 -p 8080:8080 -p 4443:4443 -u root:root -v /docker/appdata/nginx-proxy-manager:/config:rw jlesage/nginx-proxy-manager WARNING: IPv4 forwarding is disabled. Networking will not work. 5a1e923f022be828cdd2bdead61f4e7c37c4e4ac4e27455425bf50df1567f13e [root@hadoop-master ~]# docker logs 5a1e923f022be828cdd2bdead61f4e7c37c4e4ac4e27455425bf50df1567f13e [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... chown: /config: Permission denied chown: /config: Permission denied [cont-init.d] 00-take-config-ownership.sh: ERROR: Failed to take ownership and no write permission on /config. [cont-init.d] 00-take-config-ownership.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. [root@hadoop-master ~]#

jlesage commented 2 years ago

Sorry I was talking about USER_ID and GROUP_ID environment variables. https://github.com/jlesage/docker-nginx-proxy-manager#environment-variables

Hari-keerthan commented 2 years ago

[root@hadoop-master ~]# echo $USER_ID 0 [root@hadoop-master ~]# echo $GROUP_ID 0 [root@hadoop-master ~]# id uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [root@hadoop-master ~]# a=docker run -d -p 8181:8181 -p 8080:8080 -p 4443:4443 --env USER_ID=0 --env GROUP_ID=0 -v /docker/appdata/nginx-proxy-manager:/config:rw jlesage/nginx-proxy-manager [root@hadoop-master ~]# docker logs $a [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-app-niceness.sh: executing... [cont-init.d] 00-app-niceness.sh: exited 0. [cont-init.d] 00-app-script.sh: executing... [cont-init.d] 00-app-script.sh: exited 0. [cont-init.d] 00-app-user-map.sh: executing... [cont-init.d] 00-app-user-map.sh: exited 0. [cont-init.d] 00-clean-logmonitor-states.sh: executing... [cont-init.d] 00-clean-logmonitor-states.sh: exited 0. [cont-init.d] 00-clean-tmp-dir.sh: executing... [cont-init.d] 00-clean-tmp-dir.sh: exited 0. [cont-init.d] 00-set-app-deps.sh: executing... [cont-init.d] 00-set-app-deps.sh: exited 0. [cont-init.d] 00-set-home.sh: executing... [cont-init.d] 00-set-home.sh: exited 0. [cont-init.d] 00-take-config-ownership.sh: executing... chown: /config: Permission denied chown: /config: Permission denied [cont-init.d] 00-take-config-ownership.sh: exited 0. [cont-init.d] 00-xdg-runtime-dir.sh: executing... [cont-init.d] 00-xdg-runtime-dir.sh: exited 0. [cont-init.d] 90-db-upgrade.sh: executing... [cont-init.d] 90-db-upgrade.sh: exited 0. [cont-init.d] nginx-proxy-manager.sh: executing... mkdir: can't create directory '/config/log': Permission denied mkdir: can't create directory '/config/letsencrypt/': Permission denied mkdir: can't create directory '/config/letsencrypt-acme-challenge': Permission denied mkdir: can't create directory '/config/custom_ssl': Permission denied mkdir: can't create directory '/config/access': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/nginx/': Permission denied mkdir: can't create directory '/config/log/': Permission denied mkdir: can't create directory '/config/letsencrypt-workdir': Permission denied [cont-init.d] nginx-proxy-manager.sh: exited 1. [services.d] stopping services [services.d] stopping s6-fdholderd... [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. [root@hadoop-master ~]#

jlesage commented 2 years ago

Is there anything special with /docker/appdata/nginx-proxy-manager ? Is this a NFS share ?

Hari-keerthan commented 2 years ago

no just trying it out in centos 7 in oracle virtual box, if you dont understand the issue its fine, you can close this issue.

Anyway thanks for trying to help me.

jlesage commented 2 years ago

The issue is that the container is not able to write to /config, which is mapped to /docker/appdata/nginx-proxy-manager on the host. But it's not clear to me why /docker/appdata/nginx-proxy-manager is not writeable. More investigation on the host side would be needed. You could try to use another directory to see if it helps.

Hari-keerthan commented 2 years ago

Hey it worked, need to use z instead of rw in -v command used - docker run -d -p 8181:8181 -p 8080:8080 -p 4443:4443 --env USER_ID --env GROUP_ID -v /docker/appdata/nginx-proxy-manager:/config:z jlesage/nginx-proxy-manager