search

linuxserver / docker-bookstack

A Docker container for the BookStack documentation wiki
GNU General Public License v3.0
797 stars 109 forks source link

Cannot create directory - Permission denied #47

Closed cgrima closed 5 years ago

cgrima commented 5 years ago

Issue

Container fails at creating directory during initialization. Thanks for your help.

System

$ uname -a
Linux 5.2.15-200.fc30.x86_64 #1 SMP Mon Sep 16 15:17:36 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

$ docker version
Client:
 Version:         1.13.1
 API version:     1.26
 Package version: docker-1.13.1-68.git47e2230.fc30.x86_64
 Go version:      go1.12.7
 Git commit:      47e2230/1.13.1
 Built:           Sat Aug 17 19:58:07 2019
 OS/Arch:         linux/amd64

Server:
 Version:         1.13.1
 API version:     1.26 (minimum version 1.12)
 Package version: docker-1.13.1-68.git47e2230.fc30.x86_64
 Go version:      go1.12.7
 Git commit:      47e2230/1.13.1
 Built:           Sat Aug 17 19:58:07 2019
 OS/Arch:         linux/amd64
 Experimental:    false

Local volumes ownership

$ ls -la
total 4
drwxrwxr-x. 4 admin admin  69 Sep 21 16:26 .
drwxr-x---. 8 admin admin  86 Sep 21 16:23 ..
drwxr-xr-x. 2 admin admin   6 Sep 21 16:26 bookstack
drwxr-xr-x. 2 admin admin   6 Sep 21 16:26 bookstack_db
-rw-rw-r--. 1 admin admin 773 Sep 21 16:25 docker-compose.yml

Owner UID and GID

$ cat /etc/passwd | grep admin
admin:x:1000:1000:admin:/home/admin:/bin/bash

Docker file

$ cat docker-compose.yml 
version: "2"

services:

  bookstack:
    image: linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASS=yourdbpass
      - DB_DATABASE=bookstackapp
    volumes:
      - ./bookstack:/config
    ports:
      - 6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db

  bookstack_db:
    image: linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=yourdbpass
      - TZ=America/Chicago
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=yourdbpass
    volumes:
      - ./bookstack_db:/config
    restart: unless-stopped

Logs

$ docker-compose logs
Attaching to bookstack, bookstack_db
bookstack       | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
bookstack       | [s6-init] ensuring user provided files have correct perms...exited 0.
bookstack_db    | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
bookstack_db    | [s6-init] ensuring user provided files have correct perms...exited 0.
bookstack_db    | [fix-attrs.d] applying ownership & permissions fixes...
bookstack_db    | [fix-attrs.d] done.
bookstack       | [fix-attrs.d] applying ownership & permissions fixes...
bookstack       | [fix-attrs.d] done.
bookstack       | [cont-init.d] executing container initialization scripts...
bookstack       | [cont-init.d] 10-adduser: executing... 
bookstack       | -------------------------------------
bookstack       |           _         ()
bookstack       |          | |  ___   _    __
bookstack       |          | | / __| | |  /  \ 
bookstack       |          | | \__ \ | | | () |
bookstack       |          |_| |___/ |_|  \__/
bookstack       | Brought to you by linuxserver.io
bookstack       | We gratefully accept donations at:
bookstack       | https://www.linuxserver.io/donate/
bookstack       | -------------------------------------
bookstack       | GID/UID
bookstack       | -------------------------------------
bookstack       | User uid:    1000
bookstack       | User gid:    1000
bookstack       | -------------------------------------
bookstack       | usermod: Failed to change ownership of the home directorychown: changing ownership of '/config': Permission denied
bookstack       | [cont-init.d] 10-adduser: exited 0.
bookstack       | [cont-init.d] 20-config: executing... 
bookstack       | mkdir: cannot create directory ‘/config/nginx’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/www’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/log’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/keys’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/log’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/php’: Permission denied
bookstack       | cp: cannot create regular file '/config/nginx/nginx.conf': No such file or directory
bookstack       | cp: cannot create regular file '/config/nginx/site-confs/default': No such file or directory
bookstack       | find: /config/www: No such file or directory
bookstack       | cp: cannot create regular file '/config/www/index.html': No such file or directory
bookstack       | /var/run/s6/etc/cont-init.d/20-config: line 20: /config/php/php-local.ini: No such file or directory
bookstack       | cp: cannot stat '/config/php/php-local.ini': No such file or directory
bookstack       | /var/run/s6/etc/cont-init.d/20-config: line 30: /config/php/www2.conf: No such file or directory
bookstack       | cp: cannot stat '/config/php/www2.conf': No such file or directory
bookstack       | chown: cannot read directory '/config': Permission denied
bookstack       | chmod: cannot access '/config/nginx': No such file or directory
bookstack       | chmod: cannot access '/config/www': No such file or directory
bookstack       | [cont-init.d] 20-config: exited 0.
bookstack       | [cont-init.d] 30-keygen: executing... 
bookstack       | generating self-signed keys in /config/keys, you can replace these with your own keys if required
bookstack       | Generating a RSA private key
bookstack       | ..........................+++++
bookstack       | .......................+++++
bookstack       | writing new private key to '/config/keys/cert.key'
bookstack       | req: Can't open "/config/keys/cert.key" for writing, No such file or directory
bookstack       | [cont-init.d] 30-keygen: exited 1.
bookstack       | [cont-init.d] 50-config: executing... 
bookstack       | mkdir: cannot create directory ‘/config/www’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/www’: Permission denied
bookstack       | mkdir: cannot create directory ‘/config/www’: Permission denied
bookstack       | cp: cannot create regular file '/config/www/.env': No such file or directory
bookstack       | Generating BookStack app key for first run
bookstack       | /var/run/s6/etc/cont-init.d/50-config: line 31: /config/BOOKSTACK_APP_KEY.txt: Permission denied
bookstack       | App Key set to base64:py8IlZfbiwjArUlXn/KlmXIzAkJqQgRzoReDcO8VHj8= you can modify the file to update /config/BOOKSTACK_APP_KEY.txt
bookstack       | grep: /config/www/.env: No such file or directory
bookstack       | grep: /config/www/.env: No such file or directory
bookstack       | sed: /config/www/.env: No such file or directory
bookstack       | Running config - db_user set
bookstack       | sed: /config/www/.env: No such file or directory
bookstack       | sed: /config/www/.env: No such file or directory
bookstack       | sed: /config/www/.env: No such file or directory
bookstack       | sed: /config/www/.env: No such file or directory
bookstack_db    | [cont-init.d] executing container initialization scripts...
bookstack_db    | [cont-init.d] 10-adduser: executing... 
bookstack_db    | -------------------------------------
bookstack_db    |           _         ()
bookstack_db    |          | |  ___   _    __
bookstack_db    |          | | / __| | |  /  \ 
bookstack_db    |          | | \__ \ | | | () |
bookstack_db    |          |_| |___/ |_|  \__/
bookstack_db    | Brought to you by linuxserver.io
bookstack_db    | We gratefully accept donations at:
bookstack_db    | https://www.linuxserver.io/donate/
bookstack_db    | -------------------------------------
bookstack_db    | GID/UID
bookstack_db    | -------------------------------------
bookstack_db    | User uid:    1000
bookstack_db    | User gid:    1000
bookstack_db    | -------------------------------------
bookstack_db    | usermod: Failed to change ownership of the home directorychown: changing ownership of '/config': Permission denied
bookstack_db    | [cont-init.d] 10-adduser: exited 0.
bookstack_db    | [cont-init.d] 30-config: executing... 
bookstack_db    | mkdir: cannot create directory ‘/config/databases’: Permission denied
bookstack_db    | mkdir: cannot create directory ‘/config/log’: Permission denied
bookstack_db    | cp: cannot create regular file '/config/custom.cnf': Permission denied
bookstack_db    | [cont-init.d] 30-config: exited 0.
bookstack_db    | [cont-init.d] 40-initialise-db: executing... 
bookstack_db    | Setting Up Initial Databases
bookstack_db    | chown: cannot access '/config/log/mysql': No such file or directory
bookstack_db    | chmod: cannot access '/config/log/mysql': No such file or directory
bookstack_db    | mkdir: cannot create directory ‘/config/databases’: Permission denied
bookstack_db    | Fatal error Can't create database directory '/config/databases'
bookstack_db    | The latest information about mysql_install_db is available at
bookstack_db    | https://mariadb.com/kb/en/installing-system-tables-mysql_install_db
bookstack_db    | 2019-09-22 16:36:39 0 [Note] mysqld (mysqld 10.3.18-MariaDB-1:10.3.18+maria~bionic-log) starting as process 260 ...
bookstack_db    | 2019-09-22 16:36:39 0 [Warning] Can't create test file /config/databases/e162732c4c48.lower-test
bookstack_db    | mysqld: Can't change dir to '/config/databases/' (Errcode: 2 "No such file or directory")
bookstack_db    | 2019-09-22 16:36:39 0 [ERROR] Aborting
alex-phillips commented 5 years ago

What OS are you running? Are you running SELinux?

cgrima commented 5 years ago

Fedora Server 30 with kernel 5.2.15. And yes, SELinux is enabled and enforced.

j0nnymoe commented 5 years ago

Also, how did you install docker?

cgrima commented 5 years ago

Whao! Tough question. That was a while ago. It's actually possible that Docker was preinstalled with Fedora Server. If not, it's been done through dnf. I'm running a couple of other Linuxerserver images (Radarr, Sonarr), but never had this issue. Those containers have beem running for some time now, though. Maybe a Fedora update enforced some rules since.

j0nnymoe commented 5 years ago

Only reason I mention it is we've seen funky errors happen when using distro provided versions of docker. We always recommend installing via their https://get.docker.com script.

alex-phillips commented 5 years ago

SELinux would cause an issue. You can confirm this by temporarily disabling it: sudo setenforce 0 and try spinning up the stack again. Re-enable it with sudo setenforce 1.

I'd bet money that it's SELinux.

cgrima commented 5 years ago

You got it right. Disabling SELinux fixes it. Although I have to keep it disabled since sudo setenforce 1 does not allow to navigate the website neither.

alex-phillips commented 5 years ago

@cgrima You can have it enabled with docker, but you need to set your config mounts to the proper context.