search

sameersbn / docker-postgresql

Dockerfile to build a PostgreSQL container image which can be linked to other containers.
MIT License
1.05k stars 467 forks source link

sudoers: Permission denied #123

Open SRJ9 opened 5 years ago

SRJ9 commented 5 years ago

I got this error when I run the container (any version: latest, 9:6, ...).

OS: Debian 9.6 Kernel: 4.9.0-8-amd64

/var/lib/docker is a mount point (partition of 92GB only with that)

Initializing datadir...
Initializing certdir...
Initializing logdir...
Initializing rundir...
Setting resolv.conf ACLs...
Initializing database...
sudo: unable to stat /etc/sudoers: Permission denied
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

In other server with same OS is working OK.

YouSysAdmin commented 3 years ago

This is not a system problem, it is a container security context issue.

Fix: docker/podman --cap-add audit_write ....

fix for kubernetes:

deployment/statefulset etc:

...
      containers:
        - name: postgresql
          image: sameersbn/postgresql:latest

          securityContext:
            capabilities:
              add: ["AUDIT_WRITE"]
....
mikeqoo1 commented 2 years ago

thx help